last executing test programs:

11m34.250207821s ago: executing program 32 (id=9189):
rt_sigaction(0x14, 0x0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000d80))

10m48.136423241s ago: executing program 33 (id=9385):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\t'], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001c40)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="98f873d086000000000000"], 0x0}, 0x0)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)

7m24.140783552s ago: executing program 4 (id=11065):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0xac0, 0x0)
preadv(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/201, 0xc9}], 0x1, 0xffeffffb, 0x1009)

7m23.995360638s ago: executing program 4 (id=11068):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x7c, 0x0, 0x8, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0x54, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x63d1}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0xffff6a97}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x7fff}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4801}, 0x4c000)

7m23.932036171s ago: executing program 4 (id=11070):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
ioctl$BLKOPENZONE(r0, 0x40101286, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000300)={0xa0, 0xfffffffffffffffe, 0x0, {{0x1, 0x2, 0x2, 0x6bf, 0x8, 0x1, {0x6, 0x2, 0x100000001, 0x0, 0x6, 0x1, 0x101, 0x7, 0xe, 0xb000, 0x7, 0x0, 0x0, 0x1, 0x3}}, {0x0, 0x1c}}}, 0xa0)
read$FUSE(r1, 0x0, 0x0)
read(r0, &(0x7f00000001c0)=""/69, 0x45)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x6000, 0x80600})

7m23.310349194s ago: executing program 4 (id=11073):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
close(r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r3, 0x6f000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r5, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r6, 0x80084121, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

7m23.091518134s ago: executing program 4 (id=11074):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x2c8000, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='user.incfs.metadata\x00', &(0x7f0000000080)=""/4096, 0x1000)

7m22.879245851s ago: executing program 4 (id=11075):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1000, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000180), 0x1, 0x0)

7m22.681518725s ago: executing program 34 (id=11075):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1000, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000180), 0x1, 0x0)

4m28.805026874s ago: executing program 1 (id=12004):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x20, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004080}, 0x20000000) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/raw6\x00') (async)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r2, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000094}, 0x8000) (async)
socket$xdp(0x2c, 0x3, 0x0) (async)
sendmsg$NL80211_CMD_STOP_NAN(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r0, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x7e}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x20000845) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r2, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c0959750d7dc632}, 0x40) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0)) (async)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000500), 0xc0800, 0x0)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000580), r3)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, r5, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0x28}}, 0x48800) (async)
r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
fsetxattr$trusted_overlay_upper(r7, &(0x7f00000006c0), &(0x7f0000000700)={0x0, 0xfb, 0xb1, 0x5, 0xe, "6031a6a8ec2a94180de71f4a67dda238", "223be3f42c856cbf03d51187cfcae7d12953fea22e62b7d5d5ebdd245ba79947a1b894e036e295aaec5be549edc263160f6c9b2c7cff984e98ad97a41b405a6cdfb2034448b6e97c5c0674a8a2a7c65b5fd5ff19869049dc1817f8238693b9496b63244cdc81a44b08b0ee1081172fba889cf660656951d473b2d60728901f0ba1d62123e759169a29511d72ace3d442900ac51f769028fa56a0e66b"}, 0xb1, 0x0) (async)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000007c0)={0x5, 0x0, [{0xd27, 0x0, 0xc7b2}, {0x0, 0x0, 0x1}, {0xa80, 0x0, 0xf2e5}, {0x863, 0x0, 0x40}, {0xa47, 0x0, 0x7}]}) (async)
r8 = accept4$netrom(r4, &(0x7f0000000840)={{}, [@default, @default, @remote, @netrom, @default, @default, @rose, @null]}, &(0x7f00000008c0)=0x48, 0x80000)
accept4(r8, &(0x7f0000000900)=@phonet, &(0x7f0000000980)=0x80, 0xc0800) (async)
r9 = openat$mice(0xffffffffffffff9c, &(0x7f00000009c0), 0x244442)
sendmsg$kcm(r9, &(0x7f0000002200)={&(0x7f0000000a00)=@llc={0x1a, 0x320, 0x9, 0x7, 0x3b, 0xd}, 0x80, &(0x7f0000002080)=[{&(0x7f0000000a80)="083910cf457290002c2b1f2ee7aa8517e30291ada20e48891a15135366320778077c4bb6e058f0c413629fca66ada69b92dd1ad41304b50fa5124253a03cd7231579c5be49ab6d5786808143722359c5f1a44d1ffb8b75b00cb507bde9dd817a5066577fbb7f1320bf7455012043d8fb98440f403c8dce2f95b8a9ae94029e71000e058c837a", 0x86}, {&(0x7f0000000b40)="6ef152de81ad61bfdb71f80fa9b6697b4390e84582e8db6fe5857fc163951f228f66b654b01ccf8eabef6f07b0d41ece3024331ff71304f6aad7b53c79bf3e76798154ffb4955aa29134116759df131b7508fe7e1c88f2b2753bb70f3bce7a8d77d14a3db0e3151ec43efc5e9d6051b4", 0x70}, {&(0x7f0000000bc0)="463311d8bb1c6a9e91588c8badac93b68ba05d70486c4f203ce09f0cffc479b7dc7e4fa1573e6e7060a653914004916f5adbdbaa20cdd8ab8be07276545c3fb8e15fd12c2f4c268538385192904a5e4a038e4c583a45344d5b3f0bd2c0d755f4f5482a815611afeff51cae5c09234f310e074f2d5d24a8e88a819f89b0e76eaca106af083e72728a07cc69f8345ddb71f4fca511ebe95b2bab9786b7f6fdeb391eafb511feca3fd0d015", 0xaa}, {&(0x7f0000000c80)="97ef0c745efa3398fc3d1c39bff59419486db626bb6a45ad36015b5ffe3f88faa61cc52b5eb22250118b478e87b838bdffd123e1d2f37e0375766e2895df90327cd4035c59cb1aa9b65fe388de7a3c7cd4b49973a69db1a283cec036b73b792b6fd119e1ea339a2389797a12ea22db18017fb9e338578e74b32bbdd4bae3072dddf92e622cf8793fed13c54aaead5da3876b31ca9f2fb817f3d77769ae32f01929b895a55f73534f2b25eb318d03687a5a7a185e861455924b1579bfeb4037fedf063c9f7a5f0e83e7bf52fe3ea6c9721d77b564167f56aaa9da89407a45b2ec4fb1d55947a241e55847858fbddc0f0a76b17badcb20bb8ab0a8a5d619ee0d3877405d5c7875a7b54ce93b5c46c5bd2a7554d8eaf5d84a99ef7bf99b4ddfb4096f498df9feb7038abd763ee82e2dd540a455b0c8c9cfb331569d0fc2ebe329a6af52b0a48e33b359756d8617defe5bd4c365198545343a002f3621461dfd9dcce28a08498f762b5c91f3d5700ad60aaa50a3f011f5ee2a44fa3fb6f3d128985499557e6d7993fa20a8c49217b3cdff7c36db784beb1eaaef7ba4220119293ad575d2a9e2aeb44d7d56f03615caffe62692d3fec8b6382e70b9c9b643bd19b1140e1006b9bbf75dc1e26c51595ff73ffc7797e2baee1bb74df2581ff851cfe7cd038cd19040c19f238354666ab2f1990f2b0793342a74d18e0cde7fbde04f6c5a69c0b50afa245b00befd03e4e1ecafe58d6c35a687f9cbb8653cdf570ba2cfe179a663df3a23356f42d7067a3ad68f9b771beb94a807f576fd487d0b512661331c1549ad6edabb9c8d8149a649a2d92692e8705f5aa0327d99453e9bc8536bf2c3d0d9777f78cc373e4b70e03cb217e63999b0c4b4d523615eed53d3af93d1b1c616ce4ec3173f3cd042cd3eac09e59726bd375061f7966f9716ed27f744ff7c503938d11706c7614f5e2d007c56a50e890e46507f5f56d14b1627ee51442b56f7acb5e8fc515bb8e933dca0659831b293c8f33f114a6b10ed9f400b3d66251cf6a6fa0fb3685ba460b8a3cda5af736f39355771c0f8d993fbfbbe149ca30bc3c7c0acf2a77ec3fdb3f70f0dc149cac6d4811e3b1e4fb7a71638bdef2419ea8febc90bb006967db377b73a1dfed415ed592f0a7a5f90cede49cc1881c0ecc3de4d4d753336eaec4ebd82d73ae76131d7e498c315ce29656b453257639556db5066f045e9d402567f67d4a18461867ee1479bbacf4fca12bcb337e6bdbff0bb8630c792af7bb860e1d89cd5810185d4750677df971e764995dadf04b821d6b095e9d662c68414510cdc1d2ecb255218c3e269be7d055206f69770a54bfe192388999258d5c6abbce8c4218732c45bef7bfae7bdaad7269655f89f27adc9feedcb0812366dd20b6b14d57fb6f3d93de25bf86ef2e52e5d57d64983b9bcf6e084e841e21705260d762f843210881483c99e96c689632bd6ee7dc76a3bcc26725ed8d7db3bda337b11991367911de764166227ce84f9cbbde3700b97af8cede5a2187a2bc04a3bffb45133b036cb725afbeee6e182a0a70878f82c3d40b88a53bb9a9899a2bd3a2a2a24694917394f453b68bd9c97cce2a0babcbb462bac263168f887ab7bf4f285395494b9b221944f8c33a21b5b3bb7712e5d2956a827a863b8f08b50254d72d913d61623864d5bfafc437e5a35bc66b692ea511ab9f71f9145db93bce13ef6d28944420850e1fd15ff5d214a560dabea0d1ad517f537c5960cb692c83680c216626698c5ddd4b7af9513883f639764697a022bc2a7ae37d9b93395303f09ebf5bfa735778435139cee0ef7873297657cdec246ab2061cd3fdac14a4baf85b5868fd8b1a30ba1655725f2a1cb1a4c249e8cff395473cf840c810c0821dd376227624328ae65553c6054db4ed19c80431493b04df1c4d36e7e1dc3af92d3291f6b052bf03b4a0201541a901cb7d5c10df1d1405c27383c5339d52631c84c9d6260533273f6642a813b1ec1289225da85c1648320ac3b730d572dda81174f9225a3bfebe000918f89d93b9c884e66f476d84459096e871ca4364b6333c3430abfbd36f9bff39e1b7e9e728d774e8b3009088f3d7c29c510d2b99c3024b3fad1c50bcbe5b7ab98f6bc990c132e716054f70bab3c469d7dffaa67447fe9ea05e7acb57557205a8ecc00509c9b9c54ae455cf2ec5718dbc2824f362488a04f5df9422165a3e3cedee5bdbcbbd4a807f686ab4bdc8778d851d49f52232e04d738ed578fb3617ef0474c0c6668797afb070b95bafdacc7e16b5b35c14995be65d7c28eba4417e25d79d857381cb38938f6ff000ee9cd962b0871755f2df16b5791083d1f8be5a7ee4420a0699bfcf5b6c1185a46d15ec92383510f235499ede8dd61da3a1297335778aecd094514bb03b8f69a9d9ceb2921b81be34474d3362a0ca01ea0fdaea220a7d661df9e0800ca9026ab7979f140eba0c54de796fa38f3437eb6425c23f72f4a5a5f5fed3e4b80efb143f369f43b5fd34159748a976353bed32d0be2c260ccebd9faa7aac2da1fa76c9e3fa0c772da51ad5d462b30577d93a417e6362f5f69bdbf984f9445d2f65c08e3503b3bbad905a37bca724d9ddf88b89c0eb2744c56ad08833565ab6d676f9c57d291de24259e7f25c69afdaab904f301546133234b177ef824cf401df1fc3c3f6c7c8bc303bf471832f966ff38bdab858fe69b70a1cc6dc99b51cebc86a4b5a7c91ec4391bbdc82c2176a41ed3ee243fbd8af90d2e79bfb263ffa36a896821756deb5f88f72be62ceaccf5a78f2dd762a0c98d267423ba70fdd4908a0bec1a92efe05ad5db5cfa103606d0d14c67f387feacede8a41521016ca8be8c5ecdc93f1ac57dd032a257b18d396e569a12145402df4af4cdee5c1a951112e6c94735ab7264eb31e7e98f0f450bde851e296629d4385fbb11f5d04bd0d4a37ee3ae9cada723b35825798f79357fb8f9ccc82114ae36f2e653d0c23d87dda0befd337fc3484bf812ca55576fc7b54e96734f1c52cd2ab238b2f29fcfc162365259fe61e5eeac790ee5ce67b51dac6f907aea3f5da5106059a1e97d03d306a26df5be69f661175f74c1756cbfecc956a6f474fc455a2b9db58167ca2f959bf09f25df83de3d6951db788aae81fcf9bd08424cf6dbba84cebd02d0821e499e552d9d8e2de54c6e5fb82fe599199dee40e81c13293a1dd588481afbfd64ac32fb879264c239585d76116bf52445560595a76abfa70452b1f9d548e07061f7a1f4710e91adb2f1ed086bade8d2a08f68473df36a66d5a821070cd9be4a6fae4e0ba91645d4e0a3c6784a5bd643b7e2ca0d96c16164df0aca1ae2a27fd9ee6673cb38e87e0b157da37152ba942a36c71f41f47dd0618aa60babc5fda34ffe1a8a8f6d3ee0ed5bf3949c8c8a6050e6fbf1b9b4e5fe16471b1d0be2cba567b649627f66ec83cd8f99e0ca3a5e4564477520a381f6ae5b78a9d663b521c9f9a1259837bd1691cbced7394fc354018c90c99346aaa418e0d83f708d9df3f683d2503c16af057f8b63584548d17d49e8b418af9e8eeb4813bdcce7de00859caf346b6cabc78cd2bbf258e20ea306e3281fda5051cf75b7a480c3526aa58a2ba88744f9701f0f8b3514efb239f1002f0d5b2dec48839ee6f44e7b7e147d8f6758cf751ff352290dfc56b602f6e269d3ce81767f1f571009ccd38d90ae1c5f7cd8af60a1566c648ba17fa5879b4d85fa306628d4c9664bfdd30df4c8973e4116afbf48da060b3cb27cd4ef923c93ae8cb3950af80fae97a509c2935350ad815bac20bb9e709d6381abbe6bcf75305c5b1f9c36025c4c2e0e987cc58cc71e0a2083ec2516dea1b47571a4c3a2e82e0b7839c156742faa0c32e498f9897202b5f3d04ef200e59fa906fdcf84b97f736c5aaca07fc0cd919945dd3073b99fe9bafa4cbbbbba1d944d553f75d42b5ba076f25c9bfdc113a03b8817151ef697900ad013bebacbf076aef895e2e9142ee33038aca4810202b26b0667ef99bd703bc1834d56f9831ae611cccb41bcda3743632881f6beb6080f665248192b3e4b11de66387bb47106b2bcd342253103a1191283c12eb4f648c12b0b8ff3309e5de32df65b27081c46d8f8f8afc4fbfd33452713b73e278f18f975a28725f5f69e1551f9fc61e415a125f36c86ad880c9eab84c4138eeac83432fec861b58986b217af354a8510013a44ca3a23161f37df81b334574b0c670a5b71160018af6f67e6d25a77534be6e26e8afa8dd82d9515fd6205dacc40acb5cb9dc04d19ed909c4a19d311f603ff26b91567d476103ef3fe2f1f42c2db5f3b1342a8cde94c38e07c6a70938134347f29320757ee4f6db9ec919761dd510075958f8ed1d45377b221d9b30bfce198b10731f76abf35e18fed84aa3765059811052f258998289bdbbde0125ded62697d94e12145a0fc3ae252f5068612cc05407b69605305789ca92c44ba0b06282516584c61207ea56a8f5d123b51891451a0e5beec462a430f7ac3ad7fe32d5e1be2410771f83e28ecd908e9207a72e0046cb22fc040133e3629fd285c74732f413499bd9f47063d24d33712e09c725ad96885419d4718deb776209863f49f251272460deeeaf0aaec02167385f0814b5b94791394bc212b7d4397580e25956bb049184d487eb8e862c0f8a5387047f85f4b54c8ade39a03d85dfe1fb30c67d8ba00f089b44c918b3566ebf5a331eaf563df8b5b169f5078c1706edf62e653dd379f1f9b8c5e568ed2ea1e7c86548bbcae294b4c0f27de79d4cb4ae7d165f220232c5e5a6e9a5dc3833b52af3cad5aae750ab91df937639694caed2308c440debc7cef74ff433d1aa67fd965f05f8c082ad7815eb351ba3c15a551e060914b0c2e37b1b1892d03057a53deeb2f76a1e3662a48944f8b237d73fdb76f229b2fe4e7b7298571e67217df4f3b81ea8b296a770260a44c9377a49a08012e6d07a48ea0b1607ef162431511fc9e344fa11c2f3d0be7e89513dfe6490254106fe7d597ed8187e69a42442dc929c85c6b9c105da0e248e1aefe073f9a7a702df0bd804932a4168fecc303d2e259113376fe18cee31672068accfc00f31b39466cf77cd0d7d16986e9efcde68ebed273b92e260093023ddfe8a64be62a1d03f18d7c578ae2683fb32185381d6dd3fb692a9341525b376e072858e795a400a6c242bee18f2e9f3cc075e887d150805b8584e5164154520b7e45d396b5cdc8598d71ed4025ba310978c873869ccb032afb18c697e31e3366d73a22569ee13734f0481cd80b61fb0c6adaf0885d5fc5f2bef53568342562218ad9775e0ec10b94f68df0b34e80d04fc1c5cb39e234f81a3c7ff61bf52e85704dc41ba65390d4aa1e177d0037117f1359e1d33bcbbf51eb758be1c8d9049fb04726ae807a57c75224d1dfcc529239a0e828b43b2c12d28c50c9621759b2b8e6b3d704a1ba4902f2742716242a41292460f07a77e902098ebf37ee43d86551e5fe420a1a4b2a2617e0994f99d749ab50865ea18eaea622c33c61d574b6d63730ec97bc89107a6cf2ae76926bfc524bc02354b9e31cfc90f54af42db4456eb9fb5360c5604841be60bd6bd8c34ee173ed97dc9b6168a0eb44dfe1fca9ee4e067e18a0a7ed5b6716ebfb600be6ba107c8ed57298e5d9da33e6719ea3ca4e151b1906a13e871c284de9fb83351324b014d720cd1792048e9a7184561af9dd25012e031280074f8785d97bcdca02492de036fa7bc72020a66fc0d994b860666259", 0x1000}, {&(0x7f0000001c80)="0450afc977c10e11bac6af902d25212d98c65fca93493cb0fa494454f3ddec7ba058d6341300f9586ef0b80b1236d7161a1ab3b7e7364215434661362812b974d060c0eb571afea60c853059ec377f408638e474f283837daaac39ba928dfe8466e02928164fb3f9e21fa75becc61caf9a8f6b6a8b9f69ac8e604f12c5524aef51b9d63735d7624171fd8c16d840e4422dacef0713321aeb92d856511e53d63e27828b86a4ddd25c39878c568eb99f9ed8c45a2e6380158fa25d42f17f84b62d592d8ada80f6292f8032f8ee51db8eee280fd79d83d26de199776777bb921df363cc5fcde7", 0xe5}, {&(0x7f0000001d80)="963fb40f2f7af777991cd352b280f14164ad217d93b7711cd1660258db5f09f56cc4c2626fc4ef536d62b075bc35b64379eeeb12b2b7fe998ca7876b5e89d62d6348c914a4b4a3b8b5828dce4e507ff073631f3d7b60fbf2bc6dab8761064ebf157b57e14982f38daf9c2012d7cca5df6ee6", 0x72}, {&(0x7f0000001e00)="345e2dc0018fabc71754", 0xa}, {&(0x7f0000001e40)="3f725a7ab5b2bf92f3fcb5671915113bd16041a09e215155d86e5dffc77fd0b9a278362642c4663abce0c6f40e50854963ddfbd682ef5c79d7151ff4cc69856a2202a1a4b178ccd528ae49e03fa8d1f05dc4877a515c27e93ec62011f6a7fb9eb08db1a2d87011752a1bcfcaea56e4c5a0b2e9a43c534f715095fd413e45a4e858db64536eb955cc6c4a11c70ade1b858eba8d481a9e64f583e93daee1fd281ebd9d0c69290902ab40353f4cfdacc0bbd9dd7b75662dda8a8afd5eb7b8ec569e9fffe9d284162b913622dce3e0f127416ecb43a7c723bf040a12a7c91d4af3bd91007475dbc313dd141a483b9a07207cddb1f6ac67f8de5e6597d3e5", 0xfc}, {&(0x7f0000001f40)="1e77b7f52c62f7f420cb22f403c74eab8f51325047f6560b95c607fcafbf8706c947e49718b6b83b040cc0a59f150ac632efca8bf09a1325272514fac49b1bd6b6a34f157b17082741eec999a2727616bf24b48f9f281759f6fe3ffefcd921c8784b498ba42aeceb9353ca668abe84084ab175dffc91292ae7ad5ff2310c5b5470db79f2cee66a003f7964c8172dd01efb39762e3a91963be1521027e4244366a8dc1c742d", 0xa5}, {&(0x7f0000002000)="bf24e769523d835a6a103d21c39683378c86c02b697b7ddfb9a92ab909648e3cb2270ed0cb985263be155b9106c6e7e28a5e1e4bbf557630db509d463b1e613f9356bc92990b82f8143b24b7e591ad291536ef7a513007cbe2de4c75e5ffd55a8fd3", 0x62}], 0xa, &(0x7f0000002140)=[{0x90, 0x1, 0xc, "8c29accb312b9775a4f5e7f4ffabd8986414577c9f33eb2507c344920a7326e68c6ec6f35e2b861d14394d7e7e49af463afce1a0a409016086ad8473a8d809b7ecb5e1ed04bd7255317f2f4552e8aa4cf2b3a71712eb5c99d88ce929c57b41c401b0ca2d0a8f3daac3e79b22c1f863e6c87454018291a5b74dd750"}], 0x90}, 0x800) (async)
ioctl$SG_SET_KEEP_ORPHAN(r6, 0x2287, &(0x7f0000002240)=0x6) (async)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000002340)={&(0x7f0000002280), 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x38, 0x1, 0x4, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFULA_CFG_MODE={0xa, 0x2, {0x7fff, 0x1}}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x2}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x2}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x880}, 0x80)
r10 = socket$inet6_sctp(0xa, 0xb, 0x84)
connect$inet6(r10, &(0x7f0000002380)={0xa, 0x4e21, 0x100, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1}, 0x1c)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002400), r3)
sendmsg$ETHTOOL_MSG_EEE_SET(r3, &(0x7f0000002900)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000028c0)={&(0x7f0000002440)={0x448, r11, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @ETHTOOL_A_EEE_MODES_OURS={0x41c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xaa, 0x5, "50df38d0c22d754ed83636e62088fbc338ef1c594748076352677ee584d1a1ed3bcc0a967160f58d7a43f80c556ba38e98ca87546e7e0df807c1b274a2306cedcfb7e40283d380d7be71235d8fa7c09987977214d01ff95e61b65f5df27af2103c7cdf30387432c8b44097fafd0560fc540a99041ad8dc0b0bcd533c437baae7e6a9f7f29db1f3d30a24642620df2977dfb7f5deaa6ccf7963266a4f8c87f45dfd71d7da3d0a"}, @ETHTOOL_A_BITSET_VALUE={0xf1, 0x4, "7bdef2e9286303ed34bda38622bb115753069f3da6eaf6bfa72ca1dd61cacd7f34882a7b27db68c56186b045f0e58ad1ec7c36aa9809164ddb58a186709fd6091886ff85acead5d325f0b87076c7d173f6e284ab6c02998a3ebc67c202af1307e70dbd4b9aae0abeeed766c2cc5780e52c5a84dc63ddf91dbacef68cd6fb40879c718783db3f8a7deca3df24d3cd2ca258481e4ba6aab6e4ee470af621cd3df339a3e1361ad94622ac46bb1cfa7f698744581b149a0a2917cc1ef649d41ef9433547134ca5bc2f1a70364e4da9679f035e8da15163e1ffccc7873c73d195dc2fdecac0a346e0e219fd9573d2ce"}, @ETHTOOL_A_BITSET_BITS={0x16c, 0x3, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5b4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x56}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffff9}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\xff\xff'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'net/raw6\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7b0}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x1a, 0x2, 'trusted.overlay.upper\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xf3}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffc0}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb5}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7e6a}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb}, @ETHTOOL_A_BITSET_BIT_NAME={0x14, 0x2, '/dev/input/mice\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, 'wireguard\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0x15, 0x4, "31e6da87f6df954d16f33cb7a842996bb0"}, @ETHTOOL_A_BITSET_MASK={0xd, 0x5, "42155a8f38d202d232"}, @ETHTOOL_A_BITSET_VALUE={0xb9, 0x4, "0170b1b103793757ba6f4a4ab1c05cfbff2b02ea15c7fae49d6e1ce2228d9758a4834bd00126f02fb95eab0ab5cbff09e4e0201197e0b7e461ebd31592e5951b7e31fdd41d3f55605844f2da9fef9c5a108da32d3f445a8a9796bd44cc3c8d4dc2e4d2d024b456cba011727743224180d268a14e8faca79a67b2ad79dfb4205dfcc6761681054ea1497e4e115314f81c8aa4f066b01dd51548a0d6be386835efb185e2a4927514fca73c336b184da369fe6096c22c"}, @ETHTOOL_A_BITSET_MASK={0x25, 0x5, "82ff473bc7847e3422628d96d7080473f72f221cef42bb2f1a809d9a7bb2723be1"}]}]}, 0x448}, 0x1, 0x0, 0x0, 0x80000}, 0x4008040) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000002a00)={'ip6_vti0\x00', &(0x7f0000002980)={'ip6_vti0\x00', <r12=>0x0, 0x2f, 0xf4, 0x1, 0xf594, 0x20, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x40, 0x40, 0x74e4, 0xfffffffd}})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000002bc0)={&(0x7f0000002940)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002b80)={&(0x7f0000002a40)={0x110, r11, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_DEBUG_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @ETHTOOL_A_DEBUG_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_DEBUG_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x20004040}, 0x10) (async)
ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000002c40)=@null)

4m28.630562141s ago: executing program 1 (id=12006):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x51, 0x0, &(0x7f00000002c0)="a90cbf9b6da511911a7904b24a37e8cca3b2fe9e21e52d2b4b7049f2330ed1551946c71353fab8f17586aab37c49b330d41df9cc8e83b4130760e2786bbf3c239794655b2e83047bfeb4da8956eef3f21d"}) (fail_nth: 5)

4m28.211459147s ago: executing program 1 (id=12008):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
clock_adjtime(0x5, &(0x7f00000001c0)={0x3, 0xc, 0xb000000000000000, 0x3, 0x2, 0x49c377a5, 0x1f, 0x6, 0x7, 0x1, 0xffffffff, 0x4, 0x6, 0xfffffffffffff635, 0xf987, 0x594, 0x6, 0x8001, 0xffffffffffffffb2, 0x2, 0x2780d03d, 0x1, 0xc, 0x80000001, 0x5, 0x6})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r2, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r3, 0x80084121, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

4m27.894281718s ago: executing program 1 (id=12009):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x587, 0x0, 0x10000000000ff}]})
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x29202, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$printer(r5, &(0x7f0000000340)={0x14, &(0x7f0000000d00)={0x20, 0x8, 0x3b, {0x3b, 0x2, "295c7f2efb804ed19223bca35590908035b441da3cb13686635d0930b62b6fff01b15a62758ef0b04822de552d1806549498bbe2bd0bd07411"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x441}}}, &(0x7f0000001000)={0x34, &(0x7f0000000d80)={0x0, 0x12, 0xa9, "dadf2888b72413f514976afd76006916b4106ab9c87fd9cb272cdaf289a7cdb641bab358840fde0b76f9b5eef92e5401dea6c6324c2ac4e99240e48eddd971380a218340415481ea675626809309d56f1416ec6c14e08c002fe2a5282db6a0b7e6f626bef2faa504692603c6c290c29f3eb06a87b6cf644d3e23fbc0ce1c9984f9a191fa004de659a9b249d695b306f851659bc640d0ceee2ae475b6c620e98fb0b17d124ba0e95006"}, &(0x7f0000000e40)={0x0, 0xa, 0x1, 0xf7}, &(0x7f0000000ec0)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000f00)={0x20, 0x0, 0x47, {0x45, "b503fa2a085ed545363df955cf8a342111f7c841e5908958abf5321597b70ced3e2afc983c96607fc789b8f6c6bd74d9bac377d405d5cf18431cd472f0a49e03027613fc84"}}, &(0x7f0000000f80)={0x20, 0x1, 0x1, 0x4}, &(0x7f0000000fc0)={0x20, 0x0, 0x1, 0x2}})
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$printer(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000600)={0x84, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="8c000000010105000000000000000000070000073c001880080002400000000008000240000007ff08000340000000093c2f1546cbf56ca005fb0bd6d627550800014000000000080003400000000808000340000000ff0800014000000009140005800e000100736e6d705f7472617000000008000840fffffffd1800170000000005ff00fe00ffffffff00000009000000020800084000000004"], 0x8c}, 0x1, 0x0, 0x0, 0x24000004}, 0x1000c000)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"])
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e746572003c0000000c0a0101000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002140000001000010000000000000000000a84000a"], 0xd0}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
write(r3, &(0x7f0000000380)="fb196dec69a10b2284f761ca101022bcc68752cd2a4ddad8fb4427a23a27b90193ac13a4af86fe765f972d765daff264784bbd7bb9758824e951404b348375ddf05290d0ac0d1193da1090cae4ae32d841f14b4463125af7074084be37266ad8ffda263654000bec6327c11e0e3029907058c64629ad771d9b152fdcc2121b2a355ab2a4754e155e74e1a2618acc20f055d7f69bacaeebdecbcede36c675896677245097c7d87c727afc8890a6acabd6dc660bc389ef8379fb67212653aa766c1d6eca7c7b622835696a5e0ba4c04e7ac7263122337c3dc19d7974310bf43a8251cbc75ff3cffeab3d2e0e9d8e3edbd6bccb93185ab0f08af349c81512f0140643a55eb53a6cae06d378ecc95b7772f3b638d6f34b6ddc61e5014a16be5d7167800e5f992a71983d0698ace86ceb24f3f016bfb640c2833bf3bcba65c329d43e65351c89f9b8a392267438a8c10b0022546cdf39bdd0a57084c8d3a79e97bf75aa5409ff114febd2e48a59d118a4396ff5cee71b8d0b34e63343216281cb47a4a28b329de3104068ec02bd2e849a523c3b92c060dd023c3b9968c3329dd076db9c5f377b94168adc3a766b7f7f941cb4c6b507c77864c839770943f504a7f616b9e7c6b3dc2a81c617c0c6e6f5b0a6d0389ceb0da410e8562bdc5bb88de4a47810a21174488a4d3ef8dcba8a033ecd5f2361c8ba179ed58cf88c335433dfc0f0c1ed5716df27cb1823af02a2ca4f89754f3567b2f51b17f8ef04e8ce3e60e8c1d7773e98a4948f5bf5cee4b0732a78e67ab86a677b0d34cb3f852245e466f05618b844213fe8700cc6fc0b6813ba41a113b524709fb15ad68493da36443f83fc3cc25948dac9f32968e693e3b8c15386fdfd21344cec28e6170b2c94f8d2a6cd1c087297a18c82947e60b97e12742fc0ef6007ec136b3429ba2d4ef1b1fa77428fcc626c6eee96174c2a32a8e0cfa8b7cce8a39a8eef0d921cbf35a2a5ea6c1c8fedeb5bc783502b60392752262e38666f7f2eef6153471ddc469d89f911dadb2aeb40615cba6f5c37cd3ee584aed4f950063dbe223469190cd61281008ca4458373f98f9294115089801dda01deb69d56cdb0e10563a0c78045d6564c41bba6e31ab1e2141d5081624d108c8e8ddaafe7099a7114e2552dd46900f0a5aeaccab141175d377ab872f94d23b083c03cac21abd19ed2307264568e111d5927c08547716b5fdc4db72e4e715c35adb6333a3413b5a4b6b62bd82ab3fc52412929d4945c974ca5e42a2f7ec3f4987f1cc697e4dcbeb25a24c8755038c67da8e6b295f60ce900a5b6fd5a9ef3d50ffcb21ccbae6f05203d135f1bdf20d1d03fa044520cd6e7b5ea79c2f21c76914d47df5961ea77087967fc69836e819ba91d6ed2daf2a21c1100a1bb3320997422234b4d166eeb4c1d6498f508c4fbffdbb6fa8971598782d2d5ad10a38f785592151d406bfa8a3b72f35bcd895acc762182f7f56f851d808c0b872ab787472bcc07f311f442cf2755f3fd737b5ebe059d703306eb51f97de3fc62204d0a8ef4032e720dcf2c7afb2ffc0d07b1fe2da1568f44b0fd9979c2b1c69d4895145931dc6de29c0fbaae24607bf445a73237409b9595780bb173ab5938461120a70f64707cb90fa38dfec31259dab069b4a108d8ff7073de4f28fefe9acb318e725ca1d937e987c54b1b7c88b1ff8d82ee78291a4e80ae588d07b8dfe9303cc80172048992932642502d0a34a1135fd9fe480b891feead766a5d0ea906ea90e7e42800ae1d4c2ec23bf98e307c35ca76606e8b261c9a8ddde2d057bb0cfaaf4233f7a3e0ab5eb2565afc2210c2e33f2d63c51afb7d823acf58e6e602f544872dc3821f9c4fbb5e64eeb30de1df52a406fe25d024dde2cf3ce08230830f6359ab499ca38a4b442d56f28fb8a017657b2c241c10f490d3b7904325098ec40e5d90311b08a23446e107ca4a5ac7146764c9daeaaf7d1e288880296b91387ecb75a8f442c3cf29704460144ce5c03b8d74e689a7ff091e2883c1e4a45cfb8d124caab6d8518c983b1d958921c7d02e0d2f881d8379fa01f76ece37b67a59d6692ddcf34badd6d081bae36b43ab6e961409677bfdc445b3bb67ba9ee779af19cb42de9cf2e18ba6e6859152280f69cecf5fe120aaa5a894d0e125ce24fa33e77a90696a367d88d839663b4ce7f195ce6b158f6204c8e380f0b1be2c41b10d8984d55ba4f51262dbd6e3254660604efe5fc8f6ae5e2b3c0a219650060bc40d839b86c5a07247f36f2bf83d282ca0951b056c1ea748785984d5b686dd74618d4e28090ba47aaf2512d03eb21b7e97fdea9197b75da73d8b9a29b566254bd6654f3f1eec1006b7b671301dcb5051c18435f247d366fae034022f5c965a922fe2225bdb7e757daa2e7c2bf8b03be0d4590895c34bd8582ee1d04939b60e4bd28d6e77a243e14e60e6dc9e07297d5b17f54d1c105f1334e7436c498c6c57179ce4b5a835b076e06e41fec35ef4b962fad389c935f77fa5cae0fb19c4d5b9", 0x701)
r10 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000002c0)=""/110, 0x6e}, {&(0x7f00000047c0)=""/4060, 0xfdc}, {&(0x7f00000037c0)=""/4069, 0xfe5}, {&(0x7f0000000ac0)=""/259, 0x103}, {&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000001780)=""/14, 0xe}, {&(0x7f0000000c00)=""/219, 0xdb}, {&(0x7f00000004c0)=""/38, 0x26}], 0x8}, 0x40000120)
sendmsg$inet(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e513aeac9bf2bee150d5fe86", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)
recvmsg$kcm(r10, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x40000002)
close_range(r9, r3, 0x2)

4m24.30350584s ago: executing program 1 (id=12028):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, 0x0, 0x0)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet6_int(r0, 0x29, 0x4b, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)

4m24.205780784s ago: executing program 1 (id=12030):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}}) (async)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000040)={0x60, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r3, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r3, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
read$usbmon(r4, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000200)={0x5, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000200)={0x5, 0x0, &(0x7f00000001c0)=[<r5=>0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], &(0x7f00000002c0)=[0x0, <r6=>0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x1, 0x4, 0x7})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x3, 0x7, 0x1, 0x4}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[<r7=>0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x3, 0x7, 0x1, 0x4})
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) (async)
r9 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r9, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r10=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000001c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000001c0)={r10, 0x0, <r11=>0x0, 0x0, 0x0, 0x0, 0x0})
r12 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r12, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[<r13=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r8, 0xc02064b6, &(0x7f0000000200)={r10, <r14=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f0000000400)={&(0x7f00000002c0)=[r13, r13], 0x2, r14, r11, 0x0, 0x0, 0x100, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x10, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}}) (async)
ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f0000000400)={&(0x7f00000002c0)=[r13, r13], 0x2, r14, r11, 0x0, 0x0, 0x100, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x10, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) (async)
r15 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r15, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r15, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r16=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r15, 0xc06864a1, &(0x7f00000004c0)={0x0, 0x0, r16})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000600)={&(0x7f0000000500)=[<r17=>0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0], 0x1, 0x9, 0x1, 0x3})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000640)={&(0x7f00000004c0)=[r5, 0x0, r6, r7, r13], 0x5, r16, r17, 0x3, 0x1, 0x5, 0x81, {0x8, 0x8, 0x3cd3, 0x7, 0x8000, 0x1, 0x0, 0x0, 0x1, 0x6, 0x7, 0x3, 0xb, 0x73833cd3, "1efd242f93176cced71b28336ed1c08c9086ca7040ae9af5c40bba70dc12d796"}})
r18 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r18, 0x80084121, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

4m23.411275926s ago: executing program 3 (id=12034):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x24280, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, '\a\x00', "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", '\x00', "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000280)=@gcm_128={{0x303}, "3c444bdaacdcab4d", "7c09e3c444d2f0ff2495408ac00bc823", "13d4610e", "05d41a5b745d371f"}, 0x28)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x8a)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, <r7=>0x0], &(0x7f0000000040), 0x5, r6})
r8 = socket$inet(0x2, 0x3, 0x7f)
setsockopt$inet_int(r8, 0x0, 0x3, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000380)={0x201, 0x1, &(0x7f0000000440)=[r6], &(0x7f0000000200), &(0x7f00000000c0)=[r7], &(0x7f0000000340)})
sendmsg$nl_xfrm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001f0001"], 0x40}, 0x1, 0x0, 0x0, 0x48000}, 0x10)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
read$hidraw(0xffffffffffffffff, &(0x7f0000000000)=""/4, 0x4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

4m13.077806441s ago: executing program 3 (id=12081):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f00000001c0)=""/140, 0x8c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000f1ffffff210000400000000009"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x7)
ioctl$SIOCAX25DELUID(r4, 0x89e2, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x59616d61, 0xd, 0xffffffffffffffff)
syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r5, 0x0, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto(r4, &(0x7f0000000000)="fdbebfaa1addd8ee06e12aa7", 0xc, 0x0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x0, 0x0, 0x0, 0x2, {0xa, 0x4e22, 0x3e96, @mcast2, 0x9}}}, 0x80)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async)
read(r0, &(0x7f00000001c0)=""/140, 0x8c) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000f1ffffff210000400000000009"]) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async)
syz_init_net_socket$ax25(0x3, 0x2, 0x7) (async)
ioctl$SIOCAX25DELUID(r4, 0x89e2, 0x0) (async)
prctl$PR_SET_MM_EXE_FILE(0x59616d61, 0xd, 0xffffffffffffffff) (async)
syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
write$char_usb(r5, 0x0, 0x0) (async)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
sendto(r4, &(0x7f0000000000)="fdbebfaa1addd8ee06e12aa7", 0xc, 0x0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x0, 0x0, 0x0, 0x2, {0xa, 0x4e22, 0x3e96, @mcast2, 0x9}}}, 0x80) (async)

4m11.715423685s ago: executing program 3 (id=12086):
r0 = openat$rnullb(0xffffffffffffff9c, 0x0, 0x28200, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
close_range(r0, r1, 0x0)

4m11.606170144s ago: executing program 3 (id=12087):
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
splice(r1, 0x0, r0, 0x0, 0x800000000ff, 0x1000000000000000)

4m11.538487693s ago: executing program 3 (id=12088):
sysfs$2(0x2, 0x8467, 0x0)
sysfs$2(0x2, 0x3800, &(0x7f0000001100)=""/113)
sysfs$2(0x2, 0x401, &(0x7f0000000000)=""/4096)
sysfs$2(0x2, 0x10, &(0x7f0000001000)=""/226)

4m11.423376228s ago: executing program 3 (id=12089):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x24280, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, '\a\x00', "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", '\x00', "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000280)=@gcm_128={{0x303}, "3c444bdaacdcab4d", "7c09e3c444d2f0ff2495408ac00bc823", "13d4610e", "05d41a5b745d371f"}, 0x28)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x8a)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, <r7=>0x0], &(0x7f0000000040), 0x5, r6})
r8 = socket$inet(0x2, 0x3, 0x7f)
setsockopt$inet_int(r8, 0x0, 0x3, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000380)={0x201, 0x1, &(0x7f0000000440)=[r6], &(0x7f0000000200), &(0x7f00000000c0)=[r7], &(0x7f0000000340)})
sendmsg$nl_xfrm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001f0001"], 0x40}, 0x1, 0x0, 0x0, 0x48000}, 0x10)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
read$hidraw(0xffffffffffffffff, &(0x7f0000000000)=""/4, 0x4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

4m7.713112208s ago: executing program 35 (id=12030):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}}) (async)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000040)={0x60, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r2, &(0x7f0000000100)=""/159, 0xfffffe5a)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r3, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r3, 0x0)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
read$usbmon(r4, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000200)={0x5, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000200)={0x5, 0x0, &(0x7f00000001c0)=[<r5=>0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], &(0x7f00000002c0)=[0x0, <r6=>0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x1, 0x4, 0x7})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x3, 0x7, 0x1, 0x4}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[<r7=>0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], 0x3, 0x7, 0x1, 0x4})
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) (async)
r9 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r9, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r10=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000001c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000001c0)={r10, 0x0, <r11=>0x0, 0x0, 0x0, 0x0, 0x0})
r12 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r12, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[<r13=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r8, 0xc02064b6, &(0x7f0000000200)={r10, <r14=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f0000000400)={&(0x7f00000002c0)=[r13, r13], 0x2, r14, r11, 0x0, 0x0, 0x100, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x10, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}}) (async)
ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f0000000400)={&(0x7f00000002c0)=[r13, r13], 0x2, r14, r11, 0x0, 0x0, 0x100, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x10, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) (async)
r15 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r15, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r15, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r16=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r15, 0xc06864a1, &(0x7f00000004c0)={0x0, 0x0, r16})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000600)={&(0x7f0000000500)=[<r17=>0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0], 0x1, 0x9, 0x1, 0x3})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000640)={&(0x7f00000004c0)=[r5, 0x0, r6, r7, r13], 0x5, r16, r17, 0x3, 0x1, 0x5, 0x81, {0x8, 0x8, 0x3cd3, 0x7, 0x8000, 0x1, 0x0, 0x0, 0x1, 0x6, 0x7, 0x3, 0xb, 0x73833cd3, "1efd242f93176cced71b28336ed1c08c9086ca7040ae9af5c40bba70dc12d796"}})
r18 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r18, 0x80084121, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

4m0.531271557s ago: executing program 5 (id=12118):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, 0x0, 0x0)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="1400000010000100000000000000f7000000000a20000000160a050000010073797a3000000000140000001100010000000000000000000000000a"], 0x48}}, 0x800)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000005000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="05005b"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_PMKSA(r2, 0x0, 0x20044007)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
eventfd2(0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840), 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
syz_open_dev$vcsn(&(0x7f0000000080), 0x1, 0x201000)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r8 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000100)={0x0, 0x0, 0xffffff90})

4m0.339679249s ago: executing program 5 (id=12120):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BLKFINISHZONE(r0, 0x40101288, &(0x7f00000001c0)={0x2, 0x9})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000400)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_POLL(r3, &(0x7f0000000280)={0x18, 0x0, r4, {0x7}}, 0x18)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x18, r2, 0x100, 0xf0bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000080), 0x4)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)

3m59.499893687s ago: executing program 5 (id=12122):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r0, 0x2000)
madvise(&(0x7f000074a000/0x4000)=nil, 0x4000, 0x17) (fail_nth: 5)

3m59.333760524s ago: executing program 5 (id=12123):
r0 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r0, 0x1000000)

3m59.133028012s ago: executing program 5 (id=12124):
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000003c0)={0x0, 0x5, 0x1000, 0x476, 0x4000000000000000, 0xfffffffffffffffc, 0x3, 0x0, 0xfeff})
openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1813c1, 0x2000)

3m58.976317842s ago: executing program 5 (id=12127):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, 0x0, &(0x7f0000000140)=0xb0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000040)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r2, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r4, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r5=>0xffffffffffffffff})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r5, 0xd4857000)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000500)={0x0, 0x0, r3, r2, 0x3, 0xfffffff8, 0x4, 0x5, {0x2, 0x5, 0xfff, 0xa, 0xe, 0x9, 0x2, 0x5, 0xb, 0xd25, 0x9, 0x60b, 0x2, 0x10001, "6f4f1b1330d057b30bd15586b7445443c528a97436419c2cd5ae7297dceeb0be"}})
recvmmsg(r0, &(0x7f0000002780)=[{{&(0x7f0000000240)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f0000002400)=[{&(0x7f00000002c0)=""/84, 0x54}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000000080)}, {&(0x7f0000002340)=""/141, 0x8d}], 0x5, &(0x7f0000002480)=""/13, 0xd}, 0x6}, {{&(0x7f00000024c0)=@phonet, 0x80, &(0x7f0000002680)=[{&(0x7f0000002540)=""/86, 0x56}, {&(0x7f00000025c0)=""/164, 0xa4}], 0x2, &(0x7f00000026c0)=""/192, 0xc0}, 0xc}], 0x2, 0x40002020, &(0x7f0000002800)={0x0, 0x989680})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f0000002900)={{0x1, 0x1, 0x18, <r6=>r4}, './cgroup\x00'})
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000002940)={<r7=>0x0, 0xfa, "12c0a343410d816e7fbeb7db1e481082eedb6ac11103b172da64d6a601c4d3af1591acdb62aa47b51ec9c7182f2975e3eccd5ebef300dda965f9fd9172e17c5394104d0bf3aa07f9bd6e8b306346c7f59808bc6092cf6481ba00d12b82337d8983d57d4384595e7d0e50037b8cb7e354298efc855fa6dfa8bffbad47d954e05bb159467a3d6bb8f1ae2f6b513dec6fa3cd28a0acd1b75b7f22f6d19a013dbbd44be7171e38112eccf23b46613e806d7545bf44c5592bf7c51c5ba4a86d67c97f4dc5c50352710c32d742badb51f2932b43b36a075eb5f43c31170b228a43ac8752b8929a1d71f8d0555c4c295ba4d09556c5a271b80b4a6e5c96"}, &(0x7f0000002a80)=0x102)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r8, &(0x7f00000027c0)=[{&(0x7f0000002400)=""/19, 0x13}], 0x1)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000002ac0)={r7, 0x7d47dded}, 0x8)
statx(0xffffffffffffffff, &(0x7f0000000000)='./cgroup\x00', 0x4000, 0x5dd, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
mount$bpf(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000200), 0x2000c0, &(0x7f0000002840)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB=',euid=', @ANYRESDEC=r10, @ANYBLOB="68b3d88acaa046f3ba8590b174d1031b8753a8b3765b9d199156f0a91c8256df9d86428052f7921776a2f2f91abf08f4aa478cdecece221e8222c47fd1723c70371a5a4d95b1f4e3f018eeca77830f7a0ff492f28ffc28d657"])

3m55.282604616s ago: executing program 36 (id=12089):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x24280, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, '\a\x00', "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", '\x00', "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000280)=@gcm_128={{0x303}, "3c444bdaacdcab4d", "7c09e3c444d2f0ff2495408ac00bc823", "13d4610e", "05d41a5b745d371f"}, 0x28)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x8a)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, <r7=>0x0], &(0x7f0000000040), 0x5, r6})
r8 = socket$inet(0x2, 0x3, 0x7f)
setsockopt$inet_int(r8, 0x0, 0x3, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000380)={0x201, 0x1, &(0x7f0000000440)=[r6], &(0x7f0000000200), &(0x7f00000000c0)=[r7], &(0x7f0000000340)})
sendmsg$nl_xfrm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001f0001"], 0x40}, 0x1, 0x0, 0x0, 0x48000}, 0x10)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)
read$hidraw(0xffffffffffffffff, &(0x7f0000000000)=""/4, 0x4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

3m41.860113652s ago: executing program 37 (id=12127):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, 0x0, &(0x7f0000000140)=0xb0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000040)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r2, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r4, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r5=>0xffffffffffffffff})
mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r5, 0xd4857000)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000500)={0x0, 0x0, r3, r2, 0x3, 0xfffffff8, 0x4, 0x5, {0x2, 0x5, 0xfff, 0xa, 0xe, 0x9, 0x2, 0x5, 0xb, 0xd25, 0x9, 0x60b, 0x2, 0x10001, "6f4f1b1330d057b30bd15586b7445443c528a97436419c2cd5ae7297dceeb0be"}})
recvmmsg(r0, &(0x7f0000002780)=[{{&(0x7f0000000240)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f0000002400)=[{&(0x7f00000002c0)=""/84, 0x54}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000000080)}, {&(0x7f0000002340)=""/141, 0x8d}], 0x5, &(0x7f0000002480)=""/13, 0xd}, 0x6}, {{&(0x7f00000024c0)=@phonet, 0x80, &(0x7f0000002680)=[{&(0x7f0000002540)=""/86, 0x56}, {&(0x7f00000025c0)=""/164, 0xa4}], 0x2, &(0x7f00000026c0)=""/192, 0xc0}, 0xc}], 0x2, 0x40002020, &(0x7f0000002800)={0x0, 0x989680})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f0000002900)={{0x1, 0x1, 0x18, <r6=>r4}, './cgroup\x00'})
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000002940)={<r7=>0x0, 0xfa, "12c0a343410d816e7fbeb7db1e481082eedb6ac11103b172da64d6a601c4d3af1591acdb62aa47b51ec9c7182f2975e3eccd5ebef300dda965f9fd9172e17c5394104d0bf3aa07f9bd6e8b306346c7f59808bc6092cf6481ba00d12b82337d8983d57d4384595e7d0e50037b8cb7e354298efc855fa6dfa8bffbad47d954e05bb159467a3d6bb8f1ae2f6b513dec6fa3cd28a0acd1b75b7f22f6d19a013dbbd44be7171e38112eccf23b46613e806d7545bf44c5592bf7c51c5ba4a86d67c97f4dc5c50352710c32d742badb51f2932b43b36a075eb5f43c31170b228a43ac8752b8929a1d71f8d0555c4c295ba4d09556c5a271b80b4a6e5c96"}, &(0x7f0000002a80)=0x102)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r8, &(0x7f00000027c0)=[{&(0x7f0000002400)=""/19, 0x13}], 0x1)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000002ac0)={r7, 0x7d47dded}, 0x8)
statx(0xffffffffffffffff, &(0x7f0000000000)='./cgroup\x00', 0x4000, 0x5dd, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
mount$bpf(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000200), 0x2000c0, &(0x7f0000002840)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB=',euid=', @ANYRESDEC=r10, @ANYBLOB="68b3d88acaa046f3ba8590b174d1031b8753a8b3765b9d199156f0a91c8256df9d86428052f7921776a2f2f91abf08f4aa478cdecece221e8222c47fd1723c70371a5a4d95b1f4e3f018eeca77830f7a0ff492f28ffc28d657"])

2m17.408778819s ago: executing program 8 (id=12699):
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000440), &(0x7f0000000000)=0x1e)

2m17.20145897s ago: executing program 8 (id=12700):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000001c0), 0x4)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740), 0x8202, 0x0)
mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x8000000000000000) (async)
syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) (async)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000100)={0x1, "fa02c8098000", <r4=>0xffffffffffffffff}) (async)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000040)={0x2, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45bebe3f5b53e0ca34dd02acecdc67c5e3126628168", r4}) (async)
ioctl$SW_SYNC_IOC_INC(r3, 0x40045701, &(0x7f0000000280)=0x8000) (async)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(0xffffffffffffff9c, 0x0, r7, 0x0, 0x245) (async)
ioctl$SYNC_IOC_MERGE(r7, 0x40103e05, &(0x7f0000000080)={"df1c0000000000000000000000000000060000002000a4ffec00", r7}) (async)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r8, 0xc0d05604, &(0x7f0000000180)={0xa, @win={{}, 0x0, 0x0, 0x0, 0xbd8b, 0x0}})
read(r0, &(0x7f0000000200)=""/175, 0xaf)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x1, 0xc, 0x6, 0x46c113ef}, {0x7, 0x1, 0x3, 0x3}, {0xba2, 0xad, 0x94, 0x2}, {0x7, 0x1, 0x5, 0x6}]}, 0x10) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x100010, 0xffffffffffffffff, 0x57c00000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

2m17.019808816s ago: executing program 8 (id=12701):
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000440), &(0x7f0000000480)=0x18)

2m16.886078899s ago: executing program 8 (id=12702):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x3, 0x8, 0x3, 0x0, 0x0, {0x1, 0x0, 0x8}, [@CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x88}]}, 0x20}, 0x1, 0x0, 0x0, 0x200c8}, 0x80) (fail_nth: 2)

2m16.274108063s ago: executing program 8 (id=12706):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder-control\x00', 0x2, 0x0)

2m16.209168877s ago: executing program 8 (id=12707):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x266940, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
r4 = dup(r3)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000180))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000200)=0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) (async)
r7 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) (async)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r7, 0x1, &(0x7f0000000340)={0x2000, r8}, 0x0)
landlock_restrict_self(r7, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) (async)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$UFFDIO_UNREGISTER(r6, 0xc020aa08, &(0x7f00000001c0)={&(0x7f00000b0000/0x2000)=nil, 0x2000})
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x11, 0xffffffffffffffff, 0x3000) (async)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x11, 0xffffffffffffffff, 0x3000)
ioctl$F2FS_IOC_MOVE_RANGE(r8, 0xc020f509, &(0x7f0000000380)={<r9=>r6, 0x8000000000000000, 0x6718})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r9, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x1})
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000280)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000280)={0xc})
r10 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r10, &(0x7f0000000100)=""/107, 0x6b) (async)
read$nci(r10, &(0x7f0000000100)=""/107, 0x6b)
write$nci(r10, &(0x7f0000000100)=ANY=[], 0x4)
write$apparmor_exec(r10, &(0x7f0000000080)={'stack ', '&({:}$[\x00'}, 0xe) (async)
write$apparmor_exec(r10, &(0x7f0000000080)={'stack ', '&({:}$[\x00'}, 0xe)

1m46.829660064s ago: executing program 38 (id=12707):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x266940, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
r4 = dup(r3)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000180))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000200)=0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) (async)
r7 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) (async)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r7, 0x1, &(0x7f0000000340)={0x2000, r8}, 0x0)
landlock_restrict_self(r7, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) (async)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$UFFDIO_UNREGISTER(r6, 0xc020aa08, &(0x7f00000001c0)={&(0x7f00000b0000/0x2000)=nil, 0x2000})
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x11, 0xffffffffffffffff, 0x3000) (async)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x11, 0xffffffffffffffff, 0x3000)
ioctl$F2FS_IOC_MOVE_RANGE(r8, 0xc020f509, &(0x7f0000000380)={<r9=>r6, 0x8000000000000000, 0x6718})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r9, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r2, 0x0, 0x97, 0x1})
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000280)={0xc}) (async)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000280)={0xc})
r10 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r10, &(0x7f0000000100)=""/107, 0x6b) (async)
read$nci(r10, &(0x7f0000000100)=""/107, 0x6b)
write$nci(r10, &(0x7f0000000100)=ANY=[], 0x4)
write$apparmor_exec(r10, &(0x7f0000000080)={'stack ', '&({:}$[\x00'}, 0xe) (async)
write$apparmor_exec(r10, &(0x7f0000000080)={'stack ', '&({:}$[\x00'}, 0xe)

37.892084039s ago: executing program 6 (id=13236):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x44081) (fail_nth: 2)

37.320234194s ago: executing program 6 (id=13240):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x101, 0x300}})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r1, &(0x7f0000000100)=""/159, 0xfffffe5a)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x1010, r2, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000001540), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000280)={0x0, 0x19, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r4, 0xc01864b1, &(0x7f0000000340)={r6, 0x1})
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r3, 0x80084121, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000040000)

36.695593136s ago: executing program 6 (id=13245):
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0x4, 0x12)

36.63829912s ago: executing program 6 (id=13247):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
r2 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
sendmmsg(r2, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)="dd97b079aa8dc092ae203c3becf99d7d1e8567fe904e2f042c80d5027fa27db1790a9db531b5b7413e35851cde73231ad4f9c70ddd8ce4e7cf62dcc1ad551de7e2043ac66f7c5bd5ceef17d5", 0x4c}, {&(0x7f0000000180)="7aa969fc3553c0678dfd2dfe7dd3174853fee37363a11ef511141874e0e9325806e5bbe547e91b48c808f9b085fa2aba8cac698239b72e6f3b911dee6d0d55d298f934545e8f23ad3e5537219a71bb", 0x4f}, {&(0x7f0000000200)="6e28f83fceef6c89ad5f8a2a11719d89b195aa434fed5b8401f59b036a2e209b1d3dafd9f99976b3893563dcd68d6e73b02af85928b3820f5db018f988337666a133c2d7506cf6cd5483160e5bc5fff609efee3064d91fe790037ae5c25c58f3f05af6dc8c7397b9d10a88f71ec60a66c13ffaeb7eed886351d90c2e71bf399364b4202f4fbecd5baeb0bb282fa85fb3197a7ac2b0c7c0eb035ab72d9ac82095a7a5cbc1b1881e6669309fdda8055311b488a579577a03e09a9a533b65087e7b1f70618da7b12534b0354bbecca2bd6a4e8d872d8689035eaea5c2835024e2e2", 0xe0}, {&(0x7f0000000300)="3b0556730cadc592c7716097799435a62837058385f28e13cd6cdce5", 0x1c}], 0x4}}, {{&(0x7f0000000380)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x8}, 0x80, &(0x7f0000000400), 0x0, &(0x7f0000001040)=[{0x88, 0x108, 0x0, "70180b7c2abc8d90b91b9ef3dde671b57d73ae634f126781bc59377c69c510eb25185411b467de62eedfc428e732e05538083b4231bceaa7e901d1db89cef81bf2035703f83bff5b0ff03b6c25b12e917b1fe1860fa1a5046e426e37d909f2604bc18f9ee19826a7e9f1c49b7eba0563df75c617"}, {0xd0, 0x0, 0x7, "cc45b5408ece2cf405851ad9cfa8a3c084ffc69ad928cd75dd7e0cf223d5fd14f4e3eac12d323339e929241dd5864cd9e22704e31e00b0bcabdda50ab2b4ed3c7e1cc80804bf3ce4c8c739e4cb8436a76af8dba94a07a91fec26d6e86f72e7e559439bb35ba522830dd3739dc772611ce7864edf84c8d3683b213c9a64ab5334f084816fee037cbff0e7f4301fc75510b3fd2f565ff498728596896aa0991d98731e1e00ad6691be4df89faac644d13b5e0a1f7a77e33461a5"}, {0xd8, 0x104, 0x0, "61017b1121287354488cfcedfa6c82cc88ae9b53e596835d058c3fd754d2caafb9cfbb80a817588ea4a54b0d6678651076bae8c6951a3605990abe23b1316b0412379d67bc5d44bd480b7019a0b9c24ea52ebe320613ed151e54b56b001877f02190b6b5410c964f167b1bf3c41f5ba42abb19b121c14d7bfd2a04f80b12758bb8044d506e8a078c55c5dbe3969b32364282c76f04a4b3cb939bf91fffc800a081740bb9323d528f06874c1aec386af72459d5fc9d87ee6e0ef003d76a9b62a6be41116f"}, {0x20, 0x107, 0x1, "f61b8906c24f969af2a31879f295"}, {0x78, 0x88, 0x38000, "0a7e2fedb354a6d69e9742d3eb2ebd94b1ae214159958d7891596f411a724c66d369f1414b27bfcb5be4fde4b3326b45a8056edd9ad804d858e176509ffbf869254809503d5e1c1ecee82ad4b2c5200f101d519d7d64876e50a5f80815c9c1f1f003076a73405569"}, {0x1010, 0x101, 0x4, "bbabc6a6a826fa326123dd518a79669a919496d1a8a0575a467ad8bd4d5525e5256a1d33c89db1d8c8ab3f4099a8bffd6ef1ea51cf54b4c7d74ffdef14a095afdb5173c411afbb758abf8d9b3c3fb9a3fe8f9b7aaa428097b04945b3dc85610fcf232c25568c0ee6c7ab0c44943cdcb9919f46c4bff1ce1b62327a8525d35ff713b964d8ce330052cdfc33611e284b8372ce3e84621cbae614bc79b2c1e44d64c1caa00efac959ac6bb670b2a01fb098356f21dd5e60e0cc7aabdc7e1da09ac4ee72b1392a3b8a4bcbf215d3f9c1565c039e33facc9c4bdd7700ba3f94160299672850ebc5aedc1ce1ca7f790af14b6e287118f548bccff6d992198fffa44436c4cccb75bb668b83c6b78fd38a128fab9488337441fb0c91b6bf28699061ce3864414d668d29496fb3d41e7e085bbb9d4b35e0d71c8f32cc0ecd4449febd5af068730422ef3710120b949808602e404e7229f6a18344b5cf62a0dde150a73fd21aeeb12b3060838c2d0060c1cecf4a806a744de73e07aed03443a936488d48ef2e1d584a120f605823ee883f600969fb2949fce79f3d38a506998fce5b3d2713831350b38f1c4ef838a4c301ffdcd086cfb9eefae3f667e19ad9c460b677894bfbdb2e62eecee46e3c4d1dc2a195968b1fc181a754b4414d9b618d0876113b49f13df9a695c68b316eba4fb6a79f9531861a7df7c263461fefccf83c0dbba06cb08106a56dd9153f38f30565f5d30e35780ff38a40164a896779e9fb183317fe882f60374c99dd82e155bb21d3b6aad788a29f6a845c11734366993f8d19780d3bc99a68456d342bd52397063aefc1615bdcb4598c498a73585223bd9d9f40fcfa38d09fc77d7617f240f1685bb641d166b1c059cb87bbc90705beae16f3b56fea87a71685efe0767c738343df088ab7e1186e289fc6d637a720de9ddff5b8444c9c0d0d965bb2c2649334cc0e14e126a31f8dfbf60fb3ff427e579f8760eba0a9fbde4587f2dd2f8da71d589d93301beb42a0ed54bde946a1b6d24396018daa44849a4fdb55070f49cec3ac31c194ad1830c15bc350ac9feee86d109af50357fc272977c01b10b1d55f7f995cbd54d5dcd15f65054ea690eb147223059097fca82a481ec6cb62157b7d4ce3bc6f8f1a9cbc2a2dd4987654829b954f37d54f1200d98d65186078f23ec2dfa430d888a17e53bee32415630ebeeeb397ab7f25852d26516fbf17cc502be825aecf2d4bd4842dac119bd40e2dd71ba981ca29efa512b4174e8214f76e9e2684c609d29101a5cb5fc4a6b8bcee44c0bc810039f9f32be53b5e5fafd9e1cc40293ecb20442b6e433e90514c2a1562427584734de6fb15544abd5b799ce0ffa240266fd1e05615f7e31c4d35c3117237dd65e6e5825e38438db2fcb4150d352af6334cfffcb6f4416b398c13fa0da9d99d1ee959d518c168e451771248e544b2e96ced6b7bd310eb220d6e28fdab8a99c03510e60950b10a344e33eabce2dd08d613b99c1bb7be29d19dd20819fd770986c3f4f8b881589563c0f35fc9e50fd2523defcc07d62c7ed04fc85e7f67bf36ffec60d145382385f92bbc39549b01c353a96ab9b59e9521b192860aa034ca14e33ee2e72bd404e565f9aa7856ef82923c7d3875017847b21e9caa94883ad4386511e082dfccca3f33a431dae39112dcc7f771c19b54d0df3ec7a7ea233234f0fdc7dd0b1d3e633ee3060ec8641d5554abd13bb41e4cadd6ad16451643a4e6bd51561a2541cbdebc0d680c2dac3f84f57abc6e709d6377a76b2c79d2ecbd2d13c7d62905444953024e01953fd65fa0dea5ab32cb7f78374e63da612b118a649b5271cdd80c25ceef31a9004c578a52a7f15dc94102f49251f7880b1d315e99b04c6d144646603b5878acf2d91863cc3ab5b78589a5d0b119f12610a0feb8cd7ce3ec32f32303fe56f5906bd91055c73ecf5caab4a7210982eaff7a62ca3fb073e6593902b65dc8dd3f775de91f1cb217f8a0ad7201c7902e12399121cdd98b17e2745387870251d51737fc2287c6fdb4dc96ea68245d20882258ba94e8a180c57373769647c97b214ffedf743a4e1a599fccf428e0a16c10507eda1cf53c38ffd676fa2b5a3000c525302b3d84e1ca6a845b29ab26e6973d81b320c91bf00040777bf66764c849b305cbdb52b4b9fd565193f66d30b38d9292a04ebf5538a2166319f818c795cc820cbf54fd0b102da4c2c143ae2e211cb10c7edec35dc9c12f0dd8434ba03a371f03f33d202a668890e3986c11fd3ba1a69205c0ede7c13c69599f105aa26639956a69385886426ab7e9d058aec634ef206364b969849aee8774e042b405582b3dd11eea3645a74887879ff555b974869a7b128077e7962538daec9866f3595df3ee06985b06dcabdd55d1415a5eb4802125e0967c8a46fdfda13c6730a047e319b4df920e30ea65d46fde2c2b35dcea2cb4d60880a80463fe9881b31ffce586d109faf7300c78ce757c0eebfca3a2e31f61cfc5b47859192f7c64de0877f025cae2b28e035b2eccc737e83c91bc34a7887badb5ff84e8aafb1d2e9e13ac94f27098a168b3ddaa8d4de79ece1665746c7a9952d597a1f2ce7ffbdde684790dde2a1a19ac8a02e2bf3cec7b48e1af17e2a34c7cc62ade577950660c9eb15b503df0a82745964c87a0e2148b6a90d3dab59d6fcc944ae3ebdebc28b7a864d3952320c964b010f3d641e0e53d2144a897a923c5dc3b1b95df5794f49ce53cb5f5ccff476eec98dab3d1daef60763e36a5734f1affa79713d3598fca87c5655e5c0a76b291b9a6d15285cd594bf10e51aacace192e425c4de15e4b2da9e0e288feba29a411c0289c5a1c5b9f45f4b5e78d14990a9a1bc40a9790b1e9cf9673fef578fa565ef24c7a750df6c567cd0366987948229c4777a5dbf3403aae7f845a3756f6865a21ef4d9e4249c812577fb518a442ee72bd5eef15a963c4e1ca2847663a91abc58f5a796c5c52db24880d6a114a5fde3ae2c87b032337b7e3e3aca9f8cbe86e28cf7ae3dcaecbe35c7acf65e8e3d091f7e79acfef9d03fb0ca431259f5dc25cc4caa05a108fa17e6c65d785f047309fa8270edab5064eb82989c17fe0b7ad1703fd65811e6f3a2d61ade377579c5f05075bd35a171c2a7900ba19a5703adeb852572dda7e8a435f22358b994d7c6edb6bfa3e40c0d9faad9b00f6677de79cec036587039668e5eb22fe9a570f98353b2588a8bfc293f74838abe70f4580029fa3f522a0b675e5822b2af4277f179ddbecdb7d927873af322c976d4b4ab12d28b4aa78610aaf631e67d9b56045640acd8fdbcaf4b19ddaca7c3154653ceaad3de6a3cad7be8b2671afde6ecb2a859c60707907b3939bd9b7b92d00fd90db2c126c3e3df648cb5a20f3759fe151804695232753628dd7ccfa8270266358587b71f9aac4445c3d84a2ca220aa6911af715315b6c9228908b7e65f0dfe4631a61494b322af09af1f3ca000a38d96184032add2ddcbdfb6ed547cb130833b44844874a9da85afaf931b6e4908df45b0daaaa4d9d3b18b83bb3fa08860920bd6e46d28b7cee1482a0bf37cfe0a98d11a0ad79281efa675b2a5c81d15fb490230edfa328bd635b919d8257bf77e28d83949b02463a09f5fa453f6d4790885032f5c92f9592adcf1845ccfb233be8171618ca5c6a10f859bf56dd0cff4a62b31a6e091c8db77725100d3c20bf3119e179d5f44859aaae62676f74f50723dd634325dcfa53bcf47dc189604084bc939877d9fec859e4e419ea880609a078d0d7374807a1b71375f2a5d69fde5102263f089b47ee2f589adaeec001666cf36a70e023c5bca48bd5d8ef7b6baf07725bf02fc3f89c2b13ad2d13d2a8d6aeadb331a549f22bf95810b86cc65132c19a78f01785d93c6ee56c97f8fdf53d5b15b62d511e6a6e74edf74ba85ab91f60e00cf967ed0deefa9957a31bd158e8c1915f8944bfb8b0778ea018d69657bd2eb4d70c2c8314e7fefb177a78bb178211d91c53c7614cee59741488803da461a2d32ad6cda1d0352ad3d36da812f368fb19a366ffb205cec1f2148ec1a542000b9aa1714c50aa2ea535773ab8075574cca7415e627c75973e7b4b64d74df1a01ffc4b5c7be100c8d5d04e6cf070bb8dd7f108dd4aa501b373d246efc94ea76de255d8153c4115977c8208268f7fa11b10a6676329b6d82d91f92f58651431b145dbbe94f67d833535ac3f6873c83225dd0870ebcc5bd565db680af6f86ef29c4c4d8f05b2ebdf16524dbb9e8f38c1d3a3e8fed04992f6d3e6332ac9d47d9fbf6065bc484749339bcae07f20db33d91f103fc56f13c8365820248af1940e9b59f2fa6bc10e48e995de534b9b87acdd23d137e88b54710a5f84a7561173a972fb139fcd7860720c9a8b958ccdc33437ade8acf3e84413745cb118e8550d6749c248a4a6b407ad2b2decbc5970b91e26135fc02ac5802cf3d2eb089108d73b5f15ebae34c4f3fd7ebbd2487045aa16ba3931a84d7d524410965b839f66b2bd6bdec9c0091ef615016cc46b2b0645a65ba7b84509f383455da24ff4a81933cc9f614d2987e0391dfe32d7405b97c7da0939d4223f02bad277d7f1292a01f1d409b6e270a0e7c5cb242f49bf82f57ffe7792141c25c64db98c962ac83f60752f1713d5c927066b9080252b810e1889d6e40cb2cad69c6b0c05d8279fb96f9b47e3e0916b30f4330c65626cce529dc33de54907a62b100a0073e3eeee0bb862d8de9fbe4928ff102dad7844f13e4e0f69e7cd10c9cc1f96cbe1818782e035277d54978df4a55bd651026ff608bc032666500b54a82eeb74bf5ea3bb8cd5300611dc55c836cc56489414f2ce03820ac4efbe70ee0802fc2640ebd82fe6d0f1824f785d0d5b7e1a1f237a3b692ef04879a52567f86d2609d0fbe3c35ed9faedab87a666415ab656432e7402d8c62e612189416b088e88e95caeb53dad23a432e4b97b29361f7fbae3bb9b4da740961b72ad61e0a8ea4eeb8cc67e970190ae4b43266c5ae8ec3161086251091932eecfdf174a28b93d2d50bc44be121e5bd9732dbb8729e7715fcd19ef413a8567072c38ce6cc0e80157fc50087140cb77c54b0bb6d9319796abddfbe917c630a98d9bf123ac8187bc1a7192070194ac6fba13ccae284732cc111468c967ab6207a3bc68009c64d75264b8240caa229480fa5111c2bf4205bf693c345d553cf607285cdce434ad8db0c221c752f498992415f6b436ead110bc81636e32da766dbcb49325bafc60090043c22e947f2b535184feb0c3686e0b9f222db6fc29d080b849b40bd29b06276c1f37833601600b69cf069c809f2d1a3c537be7da6a88851e684f499ff3acd1839dd1fff451f6d046a748d8de8c2ba0b20845008e3342032d96f4f19ece259ff2e0b5a76605a0fdc14b229b7f789852401d666ebb7695527af3a14e37f45b4c2673199f91c63364af68f90041844e3189e91cc77437bb004d6c44498349ee4dbd5df8978880418e700902ca0836824bafc38602122c2c15ba8744e9b0bbdb1209697d206da28f4b1b763f034be12dd0074797c5896f17f1e61ebd8ef70cc6e930cf743ca741432b02c08a35bb84f2f6b5b0d34e75cb388ad873245f9b03fb9bdddb182e4fb461f94ef1dc1079518954ae5c1914300375341054ab6400cebc17398b96ec149fe55c56e850c5e727633cf3c268cc9729cf638d7393f55af18d351c387abcd2b39a6f560feb9ec1fc0007509ebcf4792fbb25c18f20eefe458498c7bbd941"}], 0x12d8}}], 0x2, 0x40040)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x18, 0x1411, 0x1, 0x70bd2d, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x18}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
r4 = syz_open_procfs(0x0, &(0x7f0000001340)='coredump_filter\x00')
write$binfmt_script(r4, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000580)={'wg0\x00'})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000400)={@dev, @remote, <r5=>0x0}, &(0x7f00000004c0)=0xc)
ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f0000000500)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @empty}, @private2, 0x9, 0x1, 0x200, 0x100, 0x1, 0x40000100, r5})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="ec000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5420800050000000000900008808c00008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c640009801c"], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x24000010)

36.363581245s ago: executing program 6 (id=13249):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r1, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000a40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @empty}}}], 0x20}, 0x0)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, 0x0, 0xb, 0x801, 0x0, 0x0, {}, [@NFTA_COMPAT_TYPE={0x8}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24044084}, 0x44000)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000002300)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x3ff, 0x3a, '.', 0x3a, '#:', 0x3a, './file0'}, 0x2a)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000100)=0x1)
mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r3, 0x6f000)
ioctl$USBDEVFS_WAIT_FOR_RESUME(r3, 0x5523)
r4 = socket$igmp(0x2, 0x3, 0x2)
sendto$inet(r4, &(0x7f00000001c0)="d78febf14b9228cb7c28ecaa27a9d4a4d9b60d28a520543dfc2f8e12dac8a9e4ed70b49c6ac97192df58c12855307ba24d3c7453d16e88ed3471ab04feaf4518c35327fd00aace7aaac66b3cff6389997b58fd158d1306cb6f616ad54ab1231a28d117b6eeb77ac17c5cbea27546074cfedc066b24f401f98528199ffc74a2759090c9f58f329614dd8065dbe27ede90ef8e1ba436e7c289b17477d8366ccfe6f917064d868d32961d42447acdb83bc05306eedd9e21f067f6d62669d1c09cac706695f7ff0d9a6976532063c17d1e251f4c3ed4e67929f768685180eda4b9604fb79d02ea9b0b4286f93d4502735c64a09af270ecc7e0f541653c676beb05192549c4426852887f357f0ac569893861e3432d65c6b3a4c42b29ddd28708aebf7e883ca3e20e05dedf2ae5f037bb77e8660aad5458bb0b95594b7eacfc8ca640af39ce8df3ab52a9ac3f4e2a97ec615a28b17f804646c83114a33761351aa966d29609bf1dbb94f637fa8b90e6f58f624014bc157e997ebf862866c47aa18afcf982fbccda4136bf3936a5d4dc9a6925f19e48626c7906a1e6abefd66df439f758c57a5bf2aab115cde936d688a89e63239d7ecb450b9f7ec402875a71f0ecde0e27bf7774b577b8269768ce956016d099c86dc3a61e1791ee9247cb5e91d523b3534544b5eebbd462c0ec3621c8ec6692d122e5c73a87e1e4788e1616abfd5579e03542ce7ebebaa8bf8b34e516908f77a8f59270ece29399d36f1dfd6be85333694ca5c69df81fcf536a75d537b14f442f68420d9f76a0de24d34c166273103949539071666481d4d7b841054d6d95c81005cdbb28b55ff3e09a1d99c3d038e913a3ca126f12455a014e5e0b09be831de0beafdf71f89026c60d65588fda7cd2f5b127dfef2c5d174750bcf5f544d7386ed5cc3a632f6a30e43ba48321b22c78189c490d3af4b06751e7ef3af68db44f55da076ef975217737bf8087abc3c7353a536c83c0cd1cdb82a4fda0783debba1493e46c75affce04036654338d6a76062befdf53d33f412536d29493d21c4b2cef87b2b78786d48d99922a2f1afe57d991ea872f9d0a42428f35ccf516b515b67bed463bee6b491ce285cf481c301f50c9ff49f0b5658e6ba36319a1b90089f723e331ef094608820d357198e970006e13252de18e2fc991c6ad6bf72c714aa2cb94057515ca6e6103e232c0b6792df8c536e1f43a7eadffea504a7d125b37c17786a7db7343d6e38d3d567b9c93d0b5984a0bde550d8ba0bb64521d07841877f4a09e3ea8486a996f44c489b36f31107fbc9778d0cdbaa7f0fd390e57cdadef799e390d56c08549fb31d09e45c604a5915f8c302f0ad1c02c7a576170e04dcf150d106017f534441471f9e2b74366db5e16d25a235e83286141300ac5dc745a9c52a76fcde199f012ada1e8334798a2c29ea26dd8d45567fb021cb4155d382fb6464b4117895a7ab83644cbc3079791adf328ada770d4cfa9dbebd0a515cc963cf4513b69c44eb2e8695c2703e445ce5b6f422dac5f6217457f52006f52ad129c7fa8d65fac77527328081bdc841f4e06e88bf150c04667244233abc9ade3bd41fc35a02d741be4e1ca2709025591dc8bd3f0776d70390d8ada90d19090e6c739c914034852efd8e57cda895e1b18adb10bb70476c595d62d7fa9ab531fe0416d4b6f22cec00bb449ca896601d66ee81c2ac52a21ac70aa3febe26c8677a400908f569bc9316732a6820355093e1f98e182fc0325f979b94fe3c15e303ada443821bd1540d65cd6e2a9834b2d8d5dfe1f2d2656bad466b87f164d1ac3884cf653498e49bff047d16ff37cd8e098a0ed668e724822d53184ca824dd89a7eb8e0cfe4ca839d7574d835fe0f693b1b2bf8760c58347abae985857d0d2e435f1125461e26c9a480dd0ba97fae6cfeb72c3f0d239f35e0a1eef698302d2ec0e23a8b2b5d146a5ca9dd38fcf38a5febe90ebdac9beceb05abdfbf57fb6be0199c5cb5cfcdb309cd75f246330c737a41910ef9fc67aaa23311e4a676417406fa98bdd431b670cccee53699b8603050148108b5784f4fa9a17cbff6149447abc14997d67ec3f6387e089ffde796678f00572d3c5aac6dab9944d212a7089f1ad911b614397fb1a45b8082d90e146d84bd614b49f0df9a9de30b7e4dc41ba7db08db6cd78c482a8d27302e51ea4fa482e0c83dde45df79ad4481c0745bb754edb92e67b5ea76fe9a3d671955f6b474f52bf14a0707a24efdd220add61965f8c535af65b84b2d7c161604ab0c3337653075ebf1e3c3f87c0f9e09f8c81db623c3ba36e6e2854874b6bf4b2ca73ced0be0366873e88e53facbdb31797704d8c42f75a87f3bb20dc756bf545eb818a4127fd45f5aa82501fb6f593f8d37b5951cd2dcfeb39b79953e0a5eaa6467de8e5d408b09e6c4bcbda7d19d154c5aebfc0c09fe084e5aa1bdff6d2dbd5191b04b9d49f1531623aa6f4b53a8a7161ac87867f81fe72e57056ebfa5fe891dc79f7181ed25f1cf671ff0843869e156a058a7bfc094adb2b8956ff2695dfebfc8185d81a9b167b388f241725c2997ea5e4ddcbc3afa84c8ce6d9c7b32deabc476f65f1c6e2bd8c74948e68a2493b7106939c812a53ff6458238b4c79fc43ef7807f9ca1265283ad84e5617426fa7ccd2a12705228b8c2d2452d42322c0fe5db58cb8a9f145c5b144d710780978bf0cfe7397ab5966eef5933cd48d798415009af751431ff4a9190f5480a32320198d9e43515d255cee574a0b64bcb9fe0364b36a753f20b8a092dc0bf08db2ebc3da10ca80bbd2e32b5951211d128048b7a4e495e664be7e30cc5fae69ea8f518fd6ca99d2c2ba6d64e08d5f16d7908c99afd59273bf2a9991ed12aceb010e2b7e33f940913787c75d3d6012d90bd532d908b1f009907d451ad633af7d51993d61df4c46c5ff942e3494e324cf889e064b995c1e4b55bbc9227c1137acb381487b0be6b7f9569f58fe1ed00c90a9ae5a516802e7da74cc0167b404651c342aa9b427ccb9c2767ba01bf6b29cd0feeab6718deb769c70342e0e6911824a6ff76bdc05a270020785842c410fec46f91cdfea546c6abbe7fd197b8f650e60c46a9b8ef3613057dd967aea049ec12c4205846bca50d2baa565831c0c948a9325b69a9d90e58fcdb17ac3260ebb30923cf9a69e8e4dde9a3fbf396b69e13661cad0335f4f153121295b19062387808bde5584967b5854dafabf00630f62de7ecccc24856d2a2ee341ecfa85caa4ab00cba6f8d2c4b1e226653f3866ca892ced5625a6869fb670b1ca305dc9ff814f8e732374127bfb50009a9fa96097cf891984c22977ad46e3a4cad6b93c08ed6822a61369da5885ddcf1729fe74f490cf14d42f4d70bc6e8c63d67e16dd923d5a6442ca0a94b1a95192dd11921c5486d7b4f6c183341671c8426020dc7b9b50eb49fe9de22724750862c8ea4210a0d69e55e8425751f1e708ebe53afd7ed3b2f15adac0ae8b07fa5bfb6942bfb4c252f4d96eb1ac503d6c78d7dc30f1b1415f68adb6e5b5f7521c9d38bef740756be6cba99bb5b8b39c01e489f4a5ad2fffa6b6c3da4ee633fa466674411d043315780824aeff6f1235bfa9b20056ae58ad1bc79b38cbd08838d8a06d04f98c8d61d69539b2b76ad3e28e319ef9496b91b7eca73f6d9edc4b6a349dd57049602a29aeea391ec4b34bdc14cd13ba08038aeef7e661aa115cd84c40baa2cf6468a74eb4d86a31d2919dd499161557df873cd40769dbea06095521ad771de11c98ed1042baacfd802ceae1f86f51260c4627ff79555f52fc0c1d9035bc1efd2943598dd2fc9fca4719ed0edb6e5f0120e861e0ad6647034394c053d9c27db7e7a2b28238cf26858375d557c1bdd177095eb6675f23f3c325233a3cb408e90b0b3f5bc2c3aad7a521c2ba9ac31ea5bd42248185582dc5c57ba00d2006bdcc870e213d950d077a2e76ddd9952a9d440bbc0809d1d7a44b29336a396207794e188473bbec37aeed51d268606dc7a652e8c8209b489269d1325855f820c029705d33b4d573ed4d710fa1fe2b609c56c630894f84b1a939c98fa35b2fa331efc7d3bb6b13edcc75b32ece97ca037a23fb8ec9e9334cfab4a4112aa4564fb7bf7c548f4551c500f4bf00908ca90c925e414d3fe6986e5fd12ecf7292a7e531f80af0d06cdef78992da227c73ba6374d987f5b7654b46f6f5a3b234217173ecaa85880095ddf1afc23a7751b4512edf3c99fbcec534efdd9d11f18f18277fa9539ae30a26b23c3f131ab547593aab04f6680ae887dbabae0da8758749e630a325e78fff53c45723ad15081dcc91f529f1a306858cf4ef8767e13bdc02e4d4f0260786cb71ca5cc6b012fdd684a7a5dbdf557f0935b41a55e564d307caba7d0b00644a293d8c81133c0587eb0bf2fa054a1e160b62b37b2ab128bff5d4f872c71198e435bd65fcb9cde8c8feb591ee4de4ef1e8113182eb567ae7efe57cfa2a4e828f51b564b09e233665c7bfd87e58055b9c5c020fc3d6c3f615edddcf7dda967cf8aad690f465899eff383be6fbcb344b312f45b5bd5ddea3ceb7e54c0fa1d16a9ec5d5fb3ff1f61267543d1f50a890101650f3c69e45b8aac4081a7d6fea5fd1eb594bbd577aa899b921d79f91feefa7aa62a32252b919f6616c264ea6f6822f4924d4215aea84dd7ef8e7557c29e02270877613472be6bb1599cdd1f6ab7a6a98aa8370f2dbeadec65b1b259a691c29e11e581d92a80ba74382010c05caec4eb61bf65f878c42c8b8596c2647e9cb0bda76eaac2e4aed9018027f82bf9b8d1d22c3848f8c082a4e09f9dce6a220f0b1c55ec3f8e3ca004f61b33381899679cfc74913cff50dca2b981e75fc49748f7d1f015b69fde73b466bfb1741d480ef1b3ec799594ea8bde4f025c093c9334709858d9311ab8802128924fb261a1ab7a176e7d0748274b91180b8248583b1e18a573d590abaeb4c372501a9921adca055691ab61026ad81b8b3ccd2ab3685ce64a5d9c2d293548d9580e24c45f2b17f8ea4a130929aebd6bc1e28a7cc75e49f018acf798890ba34bff0b11ffe8436c248b279d5552e334f9e3020ded0bffa750a1784fdd27eccbd09f7c7dd93202f92ca6a83797bd183e9a6fbb915abcc55217ced3e89a11a6856da113cf7df208a48340bdfb3302e692c4e11e4db8ed54eb5bd858b92c387f2764e0bda181a35b491792e7c6b79b54edb302cca0dbdef378bd1c06a9465754364176c14ba1dccf98ad41fa2ea237b31a793b51cba46f22932d08be4f2d10be9cb49e45d7547b04a5cc55cd163f2ed48668ea2648e1a0ae859b9999819635fd8ffa0f176252ebfd24460dc0c9219a8de21b1fed4da27ea10283cb16b2a89f6faa3a796819c5085dcf2b71f8c6ab7482cf37ccdccc94811270ca0bdea56ede0799fa5740374a77e575f2dc750bab98a86dcac143dd070972456e899b630639ad6ee03964a9e3ebb0fcc50636332554d1756663bcf576f820fc74d3d1da5cc34eb7a4b031207cc925e847a91b16fd48b9f35c5d3088273f900acb8bb71f2fa5c152431d7efc6c22a5fb94e6818fc85af72d14c99270fb28341ee82877689fe11b0e61eb22dd61378cb7631fdb6ba1be1c81c1c70c83b02078805655afa5f186e68c1bf9624af69d27f46559400748ee93637c533b1442778b0fc122410ca47bcfd97d841d5f607a084b820f2bd681e712a0497bf77627ea34f4f537237769ff0e4248dad1626bea8d93b67045ab46922a", 0x1000, 0x40080, &(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10)
rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0)

36.294385266s ago: executing program 6 (id=13250):
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000500)=@xdp={0x2c, 0xdd86, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x5b0}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x20000084) (fail_nth: 5)

20.1435309s ago: executing program 39 (id=13250):
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000500)=@xdp={0x2c, 0xdd86, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x5b0}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x20000084) (fail_nth: 5)

4.195795876s ago: executing program 0 (id=13446):
r0 = syz_io_uring_setup(0x7, &(0x7f00000002c0)={0x0, 0x4e7, 0x10000, 0x3, 0x35e}, &(0x7f0000000880), &(0x7f00000008c0))
r1 = syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, r0}, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x807, 0x83, 0x6, 0xfffa}, 0x2000001d, [0x8000, 0xc95a, 0x12, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x49, 0x39cc191b, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x4, 0x8, 0x2, 0x4, 0x3c5b, 0x90, 0x24, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x2, 0x4c74, 0x80000000, 0x242, 0x0, 0x6, 0x1000, 0x71, 0x7, 0x7, 0x1, 0x7, 0x0, 0x3f, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x0, 0x8, 0x0, 0x5, 0x0, 0x5, 0x6, 0xb, 0x4, 0x7, 0x40], [0x10000007, 0xffff, 0x8000012d, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcd, 0x409, 0x9, 0x2bf, 0x6c9, 0x8, 0xfffffffc, 0x3, 0x0, 0x7, 0xeb, 0x5573, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xda7a, 0x4, 0x8000, 0x2009, 0x400, 0x401, 0x6, 0x7, 0x4, 0x5, 0x5, 0x5f2e, 0x4, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x0, 0xef61, 0x7, 0x8000, 0x0, 0xfe000000, 0xffff, 0x2, 0x7f, 0x8, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0x3, 0x0, 0x4, 0xfffffffe, 0x9, 0x8d2, 0x4, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x20004, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0xff, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0xfffffffd, 0xd, 0x4, 0x6d01, 0x5, 0x9, 0x800000, 0x1fd, 0x80, 0x3, 0x400, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x5, 0x5, 0x5, 0xac8, 0x7, 0x2, 0x3, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x8000003, 0x6, 0x1e, 0x120000, 0x3, 0x3, 0xa2ed, 0x404, 0x25], [0x9, 0xbb31, 0x296, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x53f53814, 0x2, 0x7, 0x22, 0x3, 0x101, 0x10000, 0x6, 0x207fff, 0xffff, 0x2, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x95d, 0x5, 0x8, 0xc8, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x20100, 0x9603, 0x7, 0x2, 0x4, 0x6, 0x1, 0x50080, 0x5, 0x8, 0x1000, 0xa1f, 0xc, 0x7, 0x1, 0x6c1b, 0x8000, 0x4, 0x5, 0xb1e, 0x1, 0x200, 0xffff3441, 0x7]}, 0x45c)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
r3 = socket$inet6(0x2d, 0x2, 0x0)
bind$inet6(r3, 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x7040, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073"], 0x7c}}, 0x0)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, r5, 0x38, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x40}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x80}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4004)
clock_gettime(0x0, &(0x7f00000001c0)={<r6=>0x0, <r7=>0x0})
ppoll(&(0x7f0000000180)=[{r1, 0x60}], 0x1, &(0x7f0000000240)={r6, r7+10000000}, &(0x7f0000000280), 0x8)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

3.205381632s ago: executing program 0 (id=13454):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000002780), 0x800, 0x0)
r1 = fsopen(&(0x7f0000002880)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000028c0)='timer1\x00', 0x0, r0) (fail_nth: 1)

3.028941637s ago: executing program 0 (id=13455):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000002780), 0x800, 0x0)
r1 = fsopen(&(0x7f0000002880)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000028c0)='timer1\x00', 0x0, r0)

3.028321344s ago: executing program 9 (id=13456):
mount$9p_rdma(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x800, &(0x7f0000000800)={'trans=rdma,', {'port', 0x3d, 0x4e23}}) (fail_nth: 3)

2.944460314s ago: executing program 0 (id=13458):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
read(r0, &(0x7f0000000100)=""/159, 0xfffffe5a)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x2880)
write$P9_RLERRORu(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="0e00000001020001000200ffffff"], 0xe)
unshare(0x22020400)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
listen(r3, 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x10, r2, 0x1000000000000000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

2.595363015s ago: executing program 9 (id=13460):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x60, 0xd0804}], 0x1, 0x4000)

2.569194704s ago: executing program 9 (id=13461):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xa0020, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0x9362, 0x0)
socket(0x11, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.450650041s ago: executing program 2 (id=13463):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2705ca3409e73b94, 0x2f, 0x1, 0x4, 0xc}}, 0x50)
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x101000, 0x1e8)
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_IOCTL(r0, &(0x7f0000000040)={0x20, 0x0, r2, {0x5, 0x0, 0x5, 0x6bc}}, 0x90)

2.363589745s ago: executing program 9 (id=13464):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", "0500"}, 0x28)
sendto$inet6(r0, &(0x7f0000000400)="83", 0x1, 0x4000, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
recvfrom$inet6(r0, &(0x7f0000000040)=""/27, 0x1b, 0x41, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d81"], 0x0)

2.363441996s ago: executing program 0 (id=13465):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1)
read(r0, &(0x7f0000000180)=""/163, 0xa3)

1.447541322s ago: executing program 7 (id=13471):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x48)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESOCT=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1.382098618s ago: executing program 2 (id=13472):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xa0020, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0x9362, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1.293965573s ago: executing program 0 (id=13473):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="020001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073"], 0x7c}}, 0x0)
r2 = syz_open_dev$mouse(0x0, 0x136d, 0xcc420)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0xfffb, 0x0, 0x6, 0x9}, {0x3, 0xf, 0xa, 0x2}, {0x3, 0x1, 0x2, 0xfffffffe}]})
syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)

1.258926671s ago: executing program 7 (id=13474):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

1.189710797s ago: executing program 2 (id=13475):
r0 = syz_usb_connect(0x6, 0x2d, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
lseek(r1, 0x0, 0xa070d3f783833e7f)
syz_usb_control_io$hid(r0, 0x0, 0x0)

1.063398591s ago: executing program 7 (id=13476):
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000000)=""/77, 0x4d, 0x2000, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.pending_reads\x00', 0x200000, 0x2)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000140))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f0000000200)=0xc)
lchown(&(0x7f0000000180)='./file0\x00', r1, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x4000, &(0x7f00000002c0)={[{@usrquota_inode_hardlimit}, {@grpquota}], [{@measure}, {@fowner_eq={'fowner', 0x3d, r1}}, {@appraise}, {@subj_type={'subj_type', 0x3d, '\xff'}}]})
getpeername$unix(0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000003c0)=0x6e)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000400)={{0x3, 0x8}, 0x100, './file0\x00'})
fchown(r0, r1, r2)
recvmsg(r0, &(0x7f0000001bc0)={&(0x7f0000000540)=@rc, 0x80, &(0x7f0000001ac0)=[{&(0x7f00000005c0)=""/187, 0xbb}, {&(0x7f0000000680)=""/7, 0x7}, {&(0x7f00000006c0)=""/235, 0xeb}, {&(0x7f00000007c0)=""/151, 0x97}, {&(0x7f0000000880)=""/74, 0x4a}, {&(0x7f0000000900)=""/233, 0xe9}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000001a00)=""/4, 0x4}, {&(0x7f0000001a40)=""/119, 0x77}], 0x9, &(0x7f0000001b80)=""/9, 0x9}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f0000001c00)={0xa8, 0x0, 0x2})
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000001c80)={<r4=>0x0, @in={{0x2, 0x4e20, @private=0xa010102}}}, &(0x7f0000001d40)=0x84)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000001d80)={<r5=>r4, 0xe3}, &(0x7f0000001dc0)=0x8)
clock_gettime(0x0, &(0x7f0000001e40)={<r6=>0x0, <r7=>0x0})
futimesat(0xffffffffffffff9c, &(0x7f0000001e00)='./file0\x00', &(0x7f0000001e80)={{0x0, 0xea60}, {r6, r7/1000+10000}})
timer_create(0x1, &(0x7f0000002080)={0x0, 0x3b, 0x0, @thr={&(0x7f0000001ec0)="ea0cf7ef9126fe8d83009b3874cebc1c2b3ecbfb84a8847f3955f11c26d7bc93f577be4e511050c60357b2b8d0256c8f644cf39ef40ecaa21fd6d578180769e6e91531ff890b1fe060ad73fe25492b04f4372e587620b43e3977f9fedfd5aaaf94c035e73ecc265621efcccbd837e9138a9c98b586f37cdf5362e60f3568b7f41cdb08e995f46b9365b98f67059a7bddc10b4bab89669f2893193d4a7f5929d6bb752d8c9020b8ca5aa0aed5faa1cf7b31e81e", &(0x7f0000001f80)="36269fcf348914046aacf1d46ecec2e1bf1a9c9a704a8b9a166b263588289e30b584fa2b35abe195be6af621b10874787f1667215930f4a1908a06803bc86b19c060959738592de489d1d30420945974b0a04c805d80829ca1a22a6c1b6b942add93a32a65b4705c644e697a7fd6ecb80272650498fa38b413d7363152144948c8ce3f62b04df61f3d5b6f2dd1bcfe80a4b17edd0ad2073021ccf0be84ff6e1f6f1c0cd09717900f79bd7c7ecf36e1e8f58d55f92191c2d5527618d9a40068976bb0dd9b2a1c5b964bcfd96a5561acd3054a4ed2d825d5d250a170279657012000adb558fc552736519b3c860f35306bc0ec218aec8bf95da160d687"}}, &(0x7f00000020c0)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000002100)={{0x0, 0x3938700}}, &(0x7f0000002140))
r9 = syz_io_uring_setup(0x5c27, &(0x7f0000002180)={0x0, 0xc513, 0x1000, 0x1, 0x50, 0x0, r0}, &(0x7f0000002200), &(0x7f0000002240))
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000022c0), r0)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000002400)={&(0x7f0000002280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000023c0)={&(0x7f0000002300)={0x98, r10, 0x400, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x54, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "0cbdc0de48c2b43336e17bd70f51ca410001bd941c8690c0d4b7fdb573"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000841}, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000002440)={r5, 0xf6}, &(0x7f0000002480)=0x8)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r3, 0xc0709411, &(0x7f00000024c0)={{<r11=>0x0, 0x7, 0x0, 0x3, 0xfa, 0x7, 0xe7f9, 0x7fff, 0x3a3, 0x10000, 0x7b7031d, 0x6, 0x6, 0x5, 0xa7}, 0x20, [0x0, 0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r9, 0xc0709411, &(0x7f0000002580)={{r11, 0x7, 0x5, 0x82, 0x8000000000000000, 0x5, 0x3, 0x6, 0x4131, 0xfffffff3, 0x4, 0x3, 0xb2f, 0xab, 0x8}, 0x8, [0x0]})
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000002600)={r4, 0x5, 0x7, 0x9}, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000002640), r0)
ioctl$HIDIOCAPPLICATION(r0, 0x4802, 0x7ff)
r12 = open$dir(&(0x7f0000002680)='\x00', 0x141000, 0x10a)
fsync(r12)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)

994.579737ms ago: executing program 7 (id=13477):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'batadv0\x00', &(0x7f0000000080)=@ethtool_wolinfo={0x6, 0x80000000, 0x8, "1befb95dc327"}}) (fail_nth: 4)

672.246539ms ago: executing program 9 (id=13478):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x60, 0xd0804}], 0x1, 0x4000)

591.548971ms ago: executing program 7 (id=13479):
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x3}}, './file0\x00'})
sendfile(r0, r1, &(0x7f0000000080)=0x9, 0x1)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0)={0x5}, 0x1)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f00000002c0)=""/205, 0xcd)
r2 = socket$inet(0x2, 0x80000, 0xfffffbff)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f00000001c0)="890704285aef67af8dbdd2e1d571a952398b6b1b08601422cd0d5c8b8e8bebefa09c12dd1455bd67a817", 0x2a)

558.869488ms ago: executing program 9 (id=13480):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6a3, 0xccb, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0xa, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x1, 0x7f}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000040)={0x0, 0x24, 0x4, {0x4, 0x5, '\x00\x00'}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xa2, 0xe5, 0xed, 0x20, 0x7c4, 0xa004, 0xb4df, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x8a, 0x0, 0x2, 0x24, 0xda, 0xe5, 0x0, [], [{{0x9, 0x5, 0x3, 0x2, 0x3ff}}, {{0x9, 0x5, 0x82, 0x2, 0x8}}]}}]}}]}}, 0x0)

505.891309ms ago: executing program 7 (id=13481):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1)
read(r0, &(0x7f0000000180)=""/163, 0xa3)

247.505003ms ago: executing program 2 (id=13482):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x48)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESOCT=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

147.659966ms ago: executing program 2 (id=13483):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xa0020, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=13484):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

52.453488][T28175]  ? __pfx____ratelimit+0x10/0x10
[ 1852.453521][T28175]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1852.453546][T28175]  ? __pfx__printk+0x10/0x10
[ 1852.453577][T28175]  ? ref_tracker_alloc+0x318/0x460
[ 1852.453610][T28175]  should_fail_ex+0x414/0x560
[ 1852.453641][T28175]  should_failslab+0xa8/0x100
[ 1852.453671][T28175]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1852.453697][T28175]  ? skb_clone+0x212/0x3a0
[ 1852.453732][T28175]  skb_clone+0x212/0x3a0
[ 1852.453765][T28175]  __netlink_deliver_tap+0x404/0x850
[ 1852.453804][T28175]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1852.453832][T28175]  netlink_deliver_tap+0x19c/0x1b0
[ 1852.453860][T28175]  netlink_unicast+0x72f/0x8d0
[ 1852.453896][T28175]  netlink_sendmsg+0x805/0xb30
[ 1852.453939][T28175]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.453969][T28175]  ? aa_sock_msg_perm+0x94/0x160
[ 1852.453994][T28175]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1852.454026][T28175]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.454054][T28175]  __sock_sendmsg+0x219/0x270
[ 1852.454079][T28175]  ____sys_sendmsg+0x505/0x830
[ 1852.454111][T28175]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1852.454150][T28175]  ? import_iovec+0x74/0xa0
[ 1852.454176][T28175]  ___sys_sendmsg+0x21f/0x2a0
[ 1852.454208][T28175]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1852.454276][T28175]  ? __fget_files+0x2a/0x420
[ 1852.454308][T28175]  ? __fget_files+0x3a0/0x420
[ 1852.454351][T28175]  __x64_sys_sendmsg+0x19b/0x260
[ 1852.454384][T28175]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1852.454425][T28175]  ? __pfx_ksys_write+0x10/0x10
[ 1852.454449][T28175]  ? rcu_is_watching+0x15/0xb0
[ 1852.454481][T28175]  ? do_syscall_64+0xbe/0x3b0
[ 1852.454506][T28175]  do_syscall_64+0xfa/0x3b0
[ 1852.454526][T28175]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1852.454558][T28175]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1852.454580][T28175]  ? clear_bhb_loop+0x60/0xb0
[ 1852.454607][T28175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1852.454628][T28175] RIP: 0033:0x7f2b6c98e929
[ 1852.454647][T28175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1852.454666][T28175] RSP: 002b:00007f2b6d776038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1852.454688][T28175] RAX: ffffffffffffffda RBX: 00007f2b6cbb5fa0 RCX: 00007f2b6c98e929
[ 1852.454703][T28175] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 1852.454717][T28175] RBP: 00007f2b6d776090 R08: 0000000000000000 R09: 0000000000000000
[ 1852.454730][T28175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1852.454742][T28175] R13: 0000000000000000 R14: 00007f2b6cbb5fa0 R15: 00007ffd730add08
[ 1852.454775][T28175]  </TASK>
[ 1852.454907][T28175] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1852.930655][T28191] netlink: 'syz.7.13176': attribute type 29 has an invalid length.
[ 1852.939538][T28191] netlink: 'syz.7.13176': attribute type 29 has an invalid length.
[ 1852.949288][T28191] netlink: 'syz.7.13176': attribute type 29 has an invalid length.
[ 1853.081037][T28199] fuse: Bad value for 'fd'
[ 1853.247975][T28211] FAULT_INJECTION: forcing a failure.
[ 1853.247975][T28211] name failslab, interval 1, probability 0, space 0, times 0
[ 1853.265419][T28211] CPU: 1 UID: 0 PID: 28211 Comm: syz.9.13182 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1853.265448][T28211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1853.265461][T28211] Call Trace:
[ 1853.265470][T28211]  <TASK>
[ 1853.265479][T28211]  dump_stack_lvl+0x189/0x250
[ 1853.265507][T28211]  ? __pfx____ratelimit+0x10/0x10
[ 1853.265539][T28211]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1853.265562][T28211]  ? __pfx__printk+0x10/0x10
[ 1853.265592][T28211]  ? __pfx___might_resched+0x10/0x10
[ 1853.265614][T28211]  ? fs_reclaim_acquire+0x7d/0x100
[ 1853.265647][T28211]  should_fail_ex+0x414/0x560
[ 1853.265679][T28211]  should_failslab+0xa8/0x100
[ 1853.265707][T28211]  __kmalloc_noprof+0xcb/0x4f0
[ 1853.265730][T28211]  ? kfree+0x4d/0x440
[ 1853.265750][T28211]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1853.265781][T28211]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1853.265807][T28211]  ? tomoyo_domain+0xd9/0x130
[ 1853.265838][T28211]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1853.265879][T28211]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1853.265915][T28211]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1853.265951][T28211]  ? register_lock_class+0x51/0x320
[ 1853.266013][T28211]  ? __pfx_from_kgid+0x10/0x10
[ 1853.266045][T28211]  ? down_write_killable+0x178/0x230
[ 1853.266073][T28211]  ? __pfx_down_write_killable+0x10/0x10
[ 1853.266104][T28211]  security_path_chown+0x13d/0x360
[ 1853.266133][T28211]  chown_common+0x3bd/0x5c0
[ 1853.266163][T28211]  ? __pfx_chown_common+0x10/0x10
[ 1853.266194][T28211]  ? mnt_get_write_access+0x223/0x2a0
[ 1853.266229][T28211]  do_fchownat+0x161/0x270
[ 1853.266251][T28211]  ? __pfx_do_fchownat+0x10/0x10
[ 1853.266270][T28211]  ? __pfx_ksys_write+0x10/0x10
[ 1853.266305][T28211]  __x64_sys_chown+0x82/0xa0
[ 1853.266326][T28211]  do_syscall_64+0xfa/0x3b0
[ 1853.266346][T28211]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1853.266376][T28211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1853.266396][T28211]  ? clear_bhb_loop+0x60/0xb0
[ 1853.266421][T28211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1853.266442][T28211] RIP: 0033:0x7feb9ef8e929
[ 1853.266460][T28211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1853.266478][T28211] RSP: 002b:00007feb9fd73038 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[ 1853.266500][T28211] RAX: ffffffffffffffda RBX: 00007feb9f1b6080 RCX: 00007feb9ef8e929
[ 1853.266515][T28211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0
[ 1853.266528][T28211] RBP: 00007feb9fd73090 R08: 0000000000000000 R09: 0000000000000000
[ 1853.266541][T28211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1853.266553][T28211] R13: 0000000000000000 R14: 00007feb9f1b6080 R15: 00007fff0f430498
[ 1853.266585][T28211]  </TASK>
[ 1853.266594][T28211] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1853.635234][   T55] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 60 seconds
[ 1853.646207][   T55] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 60 seconds
[ 1853.657274][   T55] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 60 seconds
[ 1853.668857][   T55] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 60 seconds
[ 1853.988514][T28236] sctp: [Deprecated]: syz.9.13193 (pid 28236) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1853.988514][T28236] Use struct sctp_sack_info instead
[ 1853.996174][T28240] FAULT_INJECTION: forcing a failure.
[ 1853.996174][T28240] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.019033][T28240] CPU: 0 UID: 0 PID: 28240 Comm: syz.0.13194 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1854.019063][T28240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1854.019076][T28240] Call Trace:
[ 1854.019085][T28240]  <TASK>
[ 1854.019094][T28240]  dump_stack_lvl+0x189/0x250
[ 1854.019125][T28240]  ? __pfx____ratelimit+0x10/0x10
[ 1854.019157][T28240]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1854.019183][T28240]  ? __pfx__printk+0x10/0x10
[ 1854.019213][T28240]  ? ref_tracker_alloc+0x318/0x460
[ 1854.019245][T28240]  should_fail_ex+0x414/0x560
[ 1854.019277][T28240]  should_failslab+0xa8/0x100
[ 1854.019306][T28240]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1854.019331][T28240]  ? skb_clone+0x212/0x3a0
[ 1854.019365][T28240]  skb_clone+0x212/0x3a0
[ 1854.019398][T28240]  __netlink_deliver_tap+0x404/0x850
[ 1854.019438][T28240]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1854.019466][T28240]  netlink_deliver_tap+0x19c/0x1b0
[ 1854.019493][T28240]  netlink_unicast+0x72f/0x8d0
[ 1854.019538][T28240]  netlink_sendmsg+0x805/0xb30
[ 1854.019575][T28240]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1854.019606][T28240]  ? aa_sock_msg_perm+0x94/0x160
[ 1854.019631][T28240]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1854.019662][T28240]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1854.019696][T28240]  __sock_sendmsg+0x219/0x270
[ 1854.019720][T28240]  ____sys_sendmsg+0x505/0x830
[ 1854.019755][T28240]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1854.019793][T28240]  ? import_iovec+0x74/0xa0
[ 1854.019819][T28240]  ___sys_sendmsg+0x21f/0x2a0
[ 1854.019850][T28240]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1854.019918][T28240]  ? __fget_files+0x2a/0x420
[ 1854.019948][T28240]  ? __fget_files+0x3a0/0x420
[ 1854.019991][T28240]  __x64_sys_sendmsg+0x19b/0x260
[ 1854.020023][T28240]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1854.020062][T28240]  ? __pfx_ksys_write+0x10/0x10
[ 1854.020097][T28240]  ? do_syscall_64+0xbe/0x3b0
[ 1854.020122][T28240]  do_syscall_64+0xfa/0x3b0
[ 1854.020145][T28240]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1854.020164][T28240]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1854.020186][T28240]  ? clear_bhb_loop+0x60/0xb0
[ 1854.020212][T28240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1854.020233][T28240] RIP: 0033:0x7f25e798e929
[ 1854.020252][T28240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1854.020271][T28240] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1854.020294][T28240] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1854.020310][T28240] RDX: 0000000000000080 RSI: 0000200000004340 RDI: 0000000000000003
[ 1854.020324][T28240] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1854.020337][T28240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1854.020349][T28240] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1854.020382][T28240]  </TASK>
[ 1854.378789][T28212] overlayfs: statfs failed on './file0'
[ 1854.772212][T28276] netlink: 12 bytes leftover after parsing attributes in process `syz.7.13208'.
[ 1854.874340][T28283] overlayfs: conflicting lowerdir path
[ 1855.233237][T28308] FAULT_INJECTION: forcing a failure.
[ 1855.233237][T28308] name failslab, interval 1, probability 0, space 0, times 0
[ 1855.246910][T28308] CPU: 0 UID: 0 PID: 28308 Comm: syz.6.13219 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1855.246940][T28308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1855.246954][T28308] Call Trace:
[ 1855.246963][T28308]  <TASK>
[ 1855.246973][T28308]  dump_stack_lvl+0x189/0x250
[ 1855.247002][T28308]  ? __pfx____ratelimit+0x10/0x10
[ 1855.247036][T28308]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1855.247061][T28308]  ? __pfx__printk+0x10/0x10
[ 1855.247090][T28308]  ? __pfx___might_resched+0x10/0x10
[ 1855.247118][T28308]  should_fail_ex+0x414/0x560
[ 1855.247150][T28308]  ? fuse_dev_splice_write+0x146/0xa00
[ 1855.247178][T28308]  should_failslab+0xa8/0x100
[ 1855.247207][T28308]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1855.247235][T28308]  ? fuse_dev_splice_write+0x146/0xa00
[ 1855.247260][T28308]  ? __pfx_current_time+0x10/0x10
[ 1855.247287][T28308]  fuse_dev_splice_write+0x146/0xa00
[ 1855.247329][T28308]  ? touch_atime+0xf1/0x6d0
[ 1855.247354][T28308]  ? __pfx_fuse_dev_splice_write+0x10/0x10
[ 1855.247384][T28308]  ? shmem_file_splice_read+0xa74/0xbd0
[ 1855.247422][T28308]  ? __pfx_fuse_dev_splice_write+0x10/0x10
[ 1855.247451][T28308]  direct_splice_actor+0xfe/0x160
[ 1855.247485][T28308]  splice_direct_to_actor+0x5a8/0xcc0
[ 1855.247536][T28308]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1855.247564][T28308]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1855.247602][T28308]  ? __pfx_aa_file_perm+0x10/0x10
[ 1855.247634][T28308]  do_splice_direct+0x181/0x270
[ 1855.247666][T28308]  ? __pfx_do_splice_direct+0x10/0x10
[ 1855.247697][T28308]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1855.247732][T28308]  ? bpf_lsm_file_permission+0x9/0x20
[ 1855.247753][T28308]  ? security_file_permission+0x75/0x290
[ 1855.247785][T28308]  ? rw_verify_area+0x258/0x650
[ 1855.247816][T28308]  do_sendfile+0x4da/0x7e0
[ 1855.247836][T28308]  ? __pfx_vfs_write+0x10/0x10
[ 1855.247869][T28308]  ? __pfx_do_sendfile+0x10/0x10
[ 1855.247889][T28308]  ? __fget_files+0x3a0/0x420
[ 1855.247932][T28308]  __se_sys_sendfile64+0x13e/0x190
[ 1855.247967][T28308]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 1855.247997][T28308]  ? rcu_is_watching+0x15/0xb0
[ 1855.248027][T28308]  ? do_syscall_64+0xbe/0x3b0
[ 1855.248052][T28308]  do_syscall_64+0xfa/0x3b0
[ 1855.248072][T28308]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1855.248104][T28308]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1855.248125][T28308]  ? clear_bhb_loop+0x60/0xb0
[ 1855.248151][T28308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1855.248171][T28308] RIP: 0033:0x7f2b6c98e929
[ 1855.248191][T28308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1855.248209][T28308] RSP: 002b:00007f2b6d776038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1855.248232][T28308] RAX: ffffffffffffffda RBX: 00007f2b6cbb5fa0 RCX: 00007f2b6c98e929
[ 1855.248247][T28308] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000006
[ 1855.248259][T28308] RBP: 00007f2b6d776090 R08: 0000000000000000 R09: 0000000000000000
[ 1855.248272][T28308] R10: 00004000000053d2 R11: 0000000000000246 R12: 0000000000000001
[ 1855.248285][T28308] R13: 0000000000000000 R14: 00007f2b6cbb5fa0 R15: 00007ffd730add08
[ 1855.248317][T28308]  </TASK>
[ 1855.698321][ T5841] usb 10-1: new full-speed USB device number 30 using dummy_hcd
[ 1855.893110][ T5841] usb 10-1: not running at top speed; connect to a high speed hub
[ 1855.902383][ T5841] usb 10-1: config 1 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1855.913691][ T5841] usb 10-1: config 1 interface 0 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1855.928182][ T5841] usb 10-1: config 1 interface 0 has no altsetting 0
[ 1855.938054][ T5841] usb 10-1: New USB device found, idVendor=0738, idProduct=1705, bcdDevice= 0.40
[ 1855.947502][ T5841] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1855.961392][ T5841] usb 10-1: Product: ⦠᭗‑샬㩉鯪⊛꺜극뺺쓁嶟庪ඃ뉽죦쟝ᾘঀݡ㜽攉极ꍭ捩텽᤮輖櫅렷箶炋⺈⧊畍烯༸빸弄唴꓀䧯弚臠
[ 1855.979318][ T5841] usb 10-1: Manufacturer: ࠐ
[ 1855.988184][ T5841] usb 10-1: SerialNumber: 漛ᆋ鏥ᅺ逍復쬪벏另膅䉳阌傜௵窸൭ᩐꊱ쵋銗붸ᨿ︻䩡᠏敗땷䛊Ⳣꊙ䷔쬢ο뒧ޥ戴뇇ᔛ䠟㉢䩵잤讪콊䪕پ䫱쁭ﶉ嵜嘴๟닠刏귳喺⢯胅췗鱑貲㣿쇔聒ᲁ粷衣ಡ幾杢ꋯ鑄쌦ᶤ쁆㕸ꔜ銅Დ䂔鋰∋䑼㵸뎇옐ꨵ헆湾䪗籀䤂眝퐟쫍咲䥩撏녀楃徦┭
[ 1856.062744][ T5841] usb 10-1: rejected 1 configuration due to insufficient available bus power
[ 1856.131350][ T5841] usb 10-1: no configuration chosen from 1 choice
[ 1856.143572][T28328] FAULT_INJECTION: forcing a failure.
[ 1856.143572][T28328] name failslab, interval 1, probability 0, space 0, times 0
[ 1856.202699][T28328] CPU: 0 UID: 0 PID: 28328 Comm: syz.6.13227 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1856.202730][T28328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1856.202743][T28328] Call Trace:
[ 1856.202752][T28328]  <TASK>
[ 1856.202760][T28328]  dump_stack_lvl+0x189/0x250
[ 1856.202792][T28328]  ? __pfx____ratelimit+0x10/0x10
[ 1856.202823][T28328]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1856.202845][T28328]  ? __pfx__printk+0x10/0x10
[ 1856.202873][T28328]  ? __pfx___might_resched+0x10/0x10
[ 1856.202896][T28328]  ? fs_reclaim_acquire+0x7d/0x100
[ 1856.202931][T28328]  should_fail_ex+0x414/0x560
[ 1856.202961][T28328]  should_failslab+0xa8/0x100
[ 1856.202990][T28328]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[ 1856.203016][T28328]  ? simple_xattr_set+0xd5/0x380
[ 1856.203039][T28328]  ? trace_kmalloc+0x1f/0xd0
[ 1856.203066][T28328]  kstrdup+0x42/0x100
[ 1856.203098][T28328]  simple_xattr_set+0xd5/0x380
[ 1856.203127][T28328]  shmem_xattr_handler_set+0x1a0/0x2d0
[ 1856.203159][T28328]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[ 1856.203188][T28328]  __vfs_setxattr+0x43c/0x480
[ 1856.203231][T28328]  __vfs_setxattr_noperm+0x12d/0x660
[ 1856.203270][T28328]  vfs_setxattr+0x16b/0x2f0
[ 1856.203316][T28328]  ? __pfx_vfs_setxattr+0x10/0x10
[ 1856.203346][T28328]  ? sb_start_write+0x114/0x1c0
[ 1856.203370][T28328]  ? mnt_want_write_file+0x164/0x200
[ 1856.203396][T28328]  file_setxattr+0x1da/0x2b0
[ 1856.203432][T28328]  path_setxattrat+0x327/0x3a0
[ 1856.203466][T28328]  ? __pfx_path_setxattrat+0x10/0x10
[ 1856.203519][T28328]  ? ksys_write+0x1e1/0x250
[ 1856.203548][T28328]  ? __pfx_ksys_write+0x10/0x10
[ 1856.203572][T28328]  ? rcu_is_watching+0x15/0xb0
[ 1856.203601][T28328]  __x64_sys_fsetxattr+0xbc/0xe0
[ 1856.203623][T28328]  do_syscall_64+0xfa/0x3b0
[ 1856.203641][T28328]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1856.203671][T28328]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1856.203691][T28328]  ? clear_bhb_loop+0x60/0xb0
[ 1856.203715][T28328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1856.203738][T28328] RIP: 0033:0x7f2b6c98e929
[ 1856.203756][T28328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1856.203773][T28328] RSP: 002b:00007f2b6d776038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[ 1856.203794][T28328] RAX: ffffffffffffffda RBX: 00007f2b6cbb5fa0 RCX: 00007f2b6c98e929
[ 1856.203809][T28328] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1856.203821][T28328] RBP: 00007f2b6d776090 R08: 0000000000000002 R09: 0000000000000000
[ 1856.203834][T28328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1856.203846][T28328] R13: 0000000000000000 R14: 00007f2b6cbb5fa0 R15: 00007ffd730add08
[ 1856.203878][T28328]  </TASK>
[ 1856.860120][T28355] FAULT_INJECTION: forcing a failure.
[ 1856.860120][T28355] name failslab, interval 1, probability 0, space 0, times 0
[ 1856.871753][T28356] FAULT_INJECTION: forcing a failure.
[ 1856.871753][T28356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1856.873468][T28355] CPU: 0 UID: 0 PID: 28355 Comm: syz.0.13237 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1856.873514][T28355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1856.873530][T28355] Call Trace:
[ 1856.873540][T28355]  <TASK>
[ 1856.873550][T28355]  dump_stack_lvl+0x189/0x250
[ 1856.873585][T28355]  ? __pfx____ratelimit+0x10/0x10
[ 1856.873623][T28355]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1856.873651][T28355]  ? __pfx__printk+0x10/0x10
[ 1856.873685][T28355]  ? __pfx___might_resched+0x10/0x10
[ 1856.873719][T28355]  should_fail_ex+0x414/0x560
[ 1856.873755][T28355]  should_failslab+0xa8/0x100
[ 1856.873788][T28355]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1856.873816][T28355]  ? getname_flags+0xb8/0x540
[ 1856.873843][T28355]  getname_flags+0xb8/0x540
[ 1856.873865][T28355]  ? _copy_from_user+0x94/0xb0
[ 1856.873891][T28355]  user_path_at+0x24/0x60
[ 1856.873919][T28355]  __se_sys_mount+0x2d3/0x410
[ 1856.873962][T28355]  ? __pfx___se_sys_mount+0x10/0x10
[ 1856.873994][T28355]  ? rcu_is_watching+0x15/0xb0
[ 1856.874028][T28355]  ? do_syscall_64+0xbe/0x3b0
[ 1856.874049][T28355]  ? __x64_sys_mount+0x20/0xc0
[ 1856.874087][T28355]  do_syscall_64+0xfa/0x3b0
[ 1856.874120][T28355]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1856.874161][T28355]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1856.874182][T28355]  ? clear_bhb_loop+0x60/0xb0
[ 1856.874236][T28355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1856.874259][T28355] RIP: 0033:0x7f25e798e929
[ 1856.874282][T28355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1856.874305][T28355] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1856.874331][T28355] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1856.874351][T28355] RDX: 00002000000001c0 RSI: 0000200000000180 RDI: 0000200000000000
[ 1856.874369][T28355] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1856.874383][T28355] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000000001
[ 1856.874399][T28355] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1856.874435][T28355]  </TASK>
[ 1857.106656][T28356] CPU: 1 UID: 0 PID: 28356 Comm: syz.6.13236 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1857.106685][T28356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1857.106698][T28356] Call Trace:
[ 1857.106706][T28356]  <TASK>
[ 1857.106716][T28356]  dump_stack_lvl+0x189/0x250
[ 1857.106743][T28356]  ? __pfx____ratelimit+0x10/0x10
[ 1857.106774][T28356]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1857.106797][T28356]  ? __pfx__printk+0x10/0x10
[ 1857.106831][T28356]  should_fail_ex+0x414/0x560
[ 1857.106863][T28356]  _copy_to_user+0x31/0xb0
[ 1857.106886][T28356]  simple_read_from_buffer+0xe1/0x170
[ 1857.106921][T28356]  proc_fail_nth_read+0x1df/0x250
[ 1857.106943][T28356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1857.106967][T28356]  ? rw_verify_area+0x258/0x650
[ 1857.107004][T28356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1857.107024][T28356]  vfs_read+0x1fd/0x980
[ 1857.107057][T28356]  ? __pfx___mutex_lock+0x10/0x10
[ 1857.107077][T28356]  ? __pfx_vfs_read+0x10/0x10
[ 1857.107103][T28356]  ? __fget_files+0x2a/0x420
[ 1857.107136][T28356]  ? __fget_files+0x3a0/0x420
[ 1857.107163][T28356]  ? __fget_files+0x2a/0x420
[ 1857.107201][T28356]  ksys_read+0x145/0x250
[ 1857.107229][T28356]  ? __pfx_ksys_read+0x10/0x10
[ 1857.107250][T28356]  ? rcu_is_watching+0x15/0xb0
[ 1857.107278][T28356]  ? do_syscall_64+0xbe/0x3b0
[ 1857.107303][T28356]  do_syscall_64+0xfa/0x3b0
[ 1857.107321][T28356]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1857.107351][T28356]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1857.107371][T28356]  ? clear_bhb_loop+0x60/0xb0
[ 1857.107392][T28356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1857.107411][T28356] RIP: 0033:0x7f2b6c98d33c
[ 1857.107429][T28356] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1857.107459][T28356] RSP: 002b:00007f2b6d776030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1857.107481][T28356] RAX: ffffffffffffffda RBX: 00007f2b6cbb5fa0 RCX: 00007f2b6c98d33c
[ 1857.107496][T28356] RDX: 000000000000000f RSI: 00007f2b6d7760a0 RDI: 0000000000000004
[ 1857.107508][T28356] RBP: 00007f2b6d776090 R08: 0000000000000000 R09: 0000000000000000
[ 1857.107519][T28356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1857.107529][T28356] R13: 0000000000000000 R14: 00007f2b6cbb5fa0 R15: 00007ffd730add08
[ 1857.107578][T28356]  </TASK>
[ 1857.620110][T28373] FAULT_INJECTION: forcing a failure.
[ 1857.620110][T28373] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.644188][T28373] CPU: 0 UID: 0 PID: 28373 Comm: syz.0.13244 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1857.644220][T28373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1857.644234][T28373] Call Trace:
[ 1857.644243][T28373]  <TASK>
[ 1857.644253][T28373]  dump_stack_lvl+0x189/0x250
[ 1857.644282][T28373]  ? __pfx____ratelimit+0x10/0x10
[ 1857.644315][T28373]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1857.644338][T28373]  ? __pfx__printk+0x10/0x10
[ 1857.644368][T28373]  ? ref_tracker_alloc+0x318/0x460
[ 1857.644401][T28373]  should_fail_ex+0x414/0x560
[ 1857.644433][T28373]  should_failslab+0xa8/0x100
[ 1857.644464][T28373]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1857.644493][T28373]  ? skb_clone+0x212/0x3a0
[ 1857.644528][T28373]  skb_clone+0x212/0x3a0
[ 1857.644561][T28373]  __netlink_deliver_tap+0x404/0x850
[ 1857.644602][T28373]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1857.644630][T28373]  netlink_deliver_tap+0x19c/0x1b0
[ 1857.644657][T28373]  netlink_unicast+0x72f/0x8d0
[ 1857.644693][T28373]  netlink_sendmsg+0x805/0xb30
[ 1857.644730][T28373]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1857.644760][T28373]  ? aa_sock_msg_perm+0x94/0x160
[ 1857.644785][T28373]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1857.644816][T28373]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1857.644844][T28373]  __sock_sendmsg+0x219/0x270
[ 1857.644869][T28373]  ____sys_sendmsg+0x505/0x830
[ 1857.644903][T28373]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1857.644941][T28373]  ? import_iovec+0x74/0xa0
[ 1857.644966][T28373]  ___sys_sendmsg+0x21f/0x2a0
[ 1857.644996][T28373]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1857.645064][T28373]  ? __fget_files+0x2a/0x420
[ 1857.645093][T28373]  ? __fget_files+0x3a0/0x420
[ 1857.645136][T28373]  __x64_sys_sendmsg+0x19b/0x260
[ 1857.645173][T28373]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1857.645212][T28373]  ? __pfx_ksys_write+0x10/0x10
[ 1857.645237][T28373]  ? rcu_is_watching+0x15/0xb0
[ 1857.645267][T28373]  ? do_syscall_64+0xbe/0x3b0
[ 1857.645292][T28373]  do_syscall_64+0xfa/0x3b0
[ 1857.645311][T28373]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1857.645343][T28373]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1857.645363][T28373]  ? clear_bhb_loop+0x60/0xb0
[ 1857.645388][T28373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1857.645408][T28373] RIP: 0033:0x7f25e798e929
[ 1857.645427][T28373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1857.645444][T28373] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1857.645467][T28373] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1857.645482][T28373] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[ 1857.645497][T28373] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1857.645510][T28373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1857.645522][T28373] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1857.645554][T28373]  </TASK>
[ 1858.054788][T28377] syzkaller1: entered allmulticast mode
[ 1858.434631][ T5942] usb 10-1: USB disconnect, device number 30
[ 1858.941089][T28404] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1859.486445][T28416] FAULT_INJECTION: forcing a failure.
[ 1859.486445][T28416] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1859.499785][T28416] CPU: 1 UID: 0 PID: 28416 Comm: syz.7.13259 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1859.499814][T28416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1859.499828][T28416] Call Trace:
[ 1859.499837][T28416]  <TASK>
[ 1859.499846][T28416]  dump_stack_lvl+0x189/0x250
[ 1859.499875][T28416]  ? __pfx____ratelimit+0x10/0x10
[ 1859.499907][T28416]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1859.499931][T28416]  ? __pfx__printk+0x10/0x10
[ 1859.499954][T28416]  ? __might_fault+0xb0/0x130
[ 1859.499988][T28416]  should_fail_ex+0x414/0x560
[ 1859.500019][T28416]  _copy_from_iter+0x1db/0x16f0
[ 1859.500055][T28416]  ? rcu_is_watching+0x15/0xb0
[ 1859.500080][T28416]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1859.500107][T28416]  ? __pfx__copy_from_iter+0x10/0x10
[ 1859.500140][T28416]  ? __build_skb_around+0x257/0x3e0
[ 1859.500180][T28416]  ? netlink_sendmsg+0x642/0xb30
[ 1859.500204][T28416]  ? skb_put+0x11b/0x210
[ 1859.500232][T28416]  netlink_sendmsg+0x6b2/0xb30
[ 1859.500273][T28416]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1859.500302][T28416]  ? aa_sock_msg_perm+0x94/0x160
[ 1859.500326][T28416]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1859.500356][T28416]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1859.500382][T28416]  __sock_sendmsg+0x219/0x270
[ 1859.500406][T28416]  ____sys_sendmsg+0x505/0x830
[ 1859.500439][T28416]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1859.500474][T28416]  ? import_iovec+0x74/0xa0
[ 1859.500499][T28416]  ___sys_sendmsg+0x21f/0x2a0
[ 1859.500529][T28416]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1859.500610][T28416]  ? __fget_files+0x2a/0x420
[ 1859.500638][T28416]  ? __fget_files+0x3a0/0x420
[ 1859.500679][T28416]  __x64_sys_sendmsg+0x19b/0x260
[ 1859.500708][T28416]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1859.500745][T28416]  ? __pfx_ksys_write+0x10/0x10
[ 1859.500769][T28416]  ? rcu_is_watching+0x15/0xb0
[ 1859.500797][T28416]  ? do_syscall_64+0xbe/0x3b0
[ 1859.500822][T28416]  do_syscall_64+0xfa/0x3b0
[ 1859.500842][T28416]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1859.500873][T28416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1859.500893][T28416]  ? clear_bhb_loop+0x60/0xb0
[ 1859.500918][T28416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1859.500939][T28416] RIP: 0033:0x7f8fd778e929
[ 1859.500957][T28416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1859.500974][T28416] RSP: 002b:00007f8fd8534038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1859.500995][T28416] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778e929
[ 1859.501012][T28416] RDX: 0000000000000004 RSI: 0000200000000240 RDI: 0000000000000003
[ 1859.501025][T28416] RBP: 00007f8fd8534090 R08: 0000000000000000 R09: 0000000000000000
[ 1859.501037][T28416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1859.501050][T28416] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1859.501079][T28416]  </TASK>
[ 1859.787423][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1860.022870][T28420] FAULT_INJECTION: forcing a failure.
[ 1860.022870][T28420] name failslab, interval 1, probability 0, space 0, times 0
[ 1860.070818][T28420] CPU: 0 UID: 0 PID: 28420 Comm: syz.7.13260 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1860.070850][T28420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1860.070864][T28420] Call Trace:
[ 1860.070872][T28420]  <TASK>
[ 1860.070881][T28420]  dump_stack_lvl+0x189/0x250
[ 1860.070910][T28420]  ? __pfx____ratelimit+0x10/0x10
[ 1860.070950][T28420]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1860.070974][T28420]  ? __pfx__printk+0x10/0x10
[ 1860.071002][T28420]  ? __pfx___might_resched+0x10/0x10
[ 1860.071031][T28420]  should_fail_ex+0x414/0x560
[ 1860.071062][T28420]  should_failslab+0xa8/0x100
[ 1860.071092][T28420]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1860.071116][T28420]  ? getname_flags+0xb8/0x540
[ 1860.071139][T28420]  getname_flags+0xb8/0x540
[ 1860.071162][T28420]  user_path_at+0x24/0x60
[ 1860.071185][T28420]  __se_sys_mount+0x2d3/0x410
[ 1860.071223][T28420]  ? __pfx___se_sys_mount+0x10/0x10
[ 1860.071251][T28420]  ? rcu_is_watching+0x15/0xb0
[ 1860.071280][T28420]  ? do_syscall_64+0xbe/0x3b0
[ 1860.071299][T28420]  ? __x64_sys_mount+0x20/0xc0
[ 1860.071331][T28420]  do_syscall_64+0xfa/0x3b0
[ 1860.071350][T28420]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1860.071381][T28420]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1860.071400][T28420]  ? clear_bhb_loop+0x60/0xb0
[ 1860.071424][T28420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1860.071443][T28420] RIP: 0033:0x7f8fd778e929
[ 1860.071460][T28420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1860.071477][T28420] RSP: 002b:00007f8fd8534038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1860.071497][T28420] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778e929
[ 1860.071513][T28420] RDX: 00002000000002c0 RSI: 00002000000001c0 RDI: 0000000000000000
[ 1860.071527][T28420] RBP: 00007f8fd8534090 R08: 0000200000000200 R09: 0000000000000000
[ 1860.071541][T28420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1860.071553][T28420] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1860.071584][T28420]  </TASK>
[ 1860.711658][T28448] FAULT_INJECTION: forcing a failure.
[ 1860.711658][T28448] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1860.779736][T28448] CPU: 0 UID: 0 PID: 28448 Comm: syz.0.13266 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1860.779769][T28448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1860.779783][T28448] Call Trace:
[ 1860.779791][T28448]  <TASK>
[ 1860.779801][T28448]  dump_stack_lvl+0x189/0x250
[ 1860.779830][T28448]  ? __pfx____ratelimit+0x10/0x10
[ 1860.779872][T28448]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1860.779897][T28448]  ? __pfx__printk+0x10/0x10
[ 1860.779921][T28448]  ? __might_fault+0xb0/0x130
[ 1860.779959][T28448]  should_fail_ex+0x414/0x560
[ 1860.779991][T28448]  _copy_from_user+0x2d/0xb0
[ 1860.780014][T28448]  memdup_user+0x5e/0xd0
[ 1860.780047][T28448]  strndup_user+0x68/0xd0
[ 1860.780078][T28448]  __se_sys_request_key+0x15f/0x340
[ 1860.780109][T28448]  ? ksys_write+0x22a/0x250
[ 1860.780135][T28448]  ? __pfx___se_sys_request_key+0x10/0x10
[ 1860.780174][T28448]  ? do_syscall_64+0xbe/0x3b0
[ 1860.780199][T28448]  do_syscall_64+0xfa/0x3b0
[ 1860.780218][T28448]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1860.780247][T28448]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1860.780267][T28448]  ? clear_bhb_loop+0x60/0xb0
[ 1860.780291][T28448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1860.780311][T28448] RIP: 0033:0x7f25e798e929
[ 1860.780329][T28448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1860.780346][T28448] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[ 1860.780368][T28448] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1860.780382][T28448] RDX: 0000200000000140 RSI: 00002000000000c0 RDI: 0000200000000080
[ 1860.780396][T28448] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1860.780408][T28448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1860.780420][T28448] R13: 0000000000000001 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1860.780450][T28448]  </TASK>
[ 1861.554874][T28471] FAULT_INJECTION: forcing a failure.
[ 1861.554874][T28471] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.599585][T28471] CPU: 0 UID: 0 PID: 28471 Comm: syz.9.13274 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1861.599617][T28471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1861.599630][T28471] Call Trace:
[ 1861.599639][T28471]  <TASK>
[ 1861.599649][T28471]  dump_stack_lvl+0x189/0x250
[ 1861.599679][T28471]  ? __pfx____ratelimit+0x10/0x10
[ 1861.599714][T28471]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1861.599738][T28471]  ? __pfx__printk+0x10/0x10
[ 1861.599769][T28471]  ? ref_tracker_alloc+0x318/0x460
[ 1861.599801][T28471]  should_fail_ex+0x414/0x560
[ 1861.599834][T28471]  should_failslab+0xa8/0x100
[ 1861.599864][T28471]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1861.599889][T28471]  ? skb_clone+0x212/0x3a0
[ 1861.599923][T28471]  skb_clone+0x212/0x3a0
[ 1861.599957][T28471]  __netlink_deliver_tap+0x404/0x850
[ 1861.600012][T28471]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1861.600041][T28471]  netlink_deliver_tap+0x19c/0x1b0
[ 1861.600069][T28471]  netlink_unicast+0x72f/0x8d0
[ 1861.600105][T28471]  netlink_sendmsg+0x805/0xb30
[ 1861.600143][T28471]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1861.600175][T28471]  ? aa_sock_msg_perm+0x94/0x160
[ 1861.600200][T28471]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1861.600231][T28471]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1861.600259][T28471]  __sock_sendmsg+0x219/0x270
[ 1861.600284][T28471]  sock_write_iter+0x258/0x330
[ 1861.600319][T28471]  ? __pfx_sock_write_iter+0x10/0x10
[ 1861.600363][T28471]  ? bpf_lsm_file_permission+0x9/0x20
[ 1861.600384][T28471]  ? security_file_permission+0x75/0x290
[ 1861.600435][T28471]  vfs_write+0x548/0xa90
[ 1861.600469][T28471]  ? __pfx_sock_write_iter+0x10/0x10
[ 1861.600502][T28471]  ? __pfx_vfs_write+0x10/0x10
[ 1861.600534][T28471]  ? do_sys_openat2+0x154/0x1c0
[ 1861.600555][T28471]  ? kmem_cache_free+0x18f/0x400
[ 1861.600597][T28471]  ksys_write+0x145/0x250
[ 1861.600629][T28471]  ? __pfx_ksys_write+0x10/0x10
[ 1861.600653][T28471]  ? rcu_is_watching+0x15/0xb0
[ 1861.600684][T28471]  ? do_syscall_64+0xbe/0x3b0
[ 1861.600711][T28471]  do_syscall_64+0xfa/0x3b0
[ 1861.600730][T28471]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1861.600761][T28471]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1861.600782][T28471]  ? clear_bhb_loop+0x60/0xb0
[ 1861.600809][T28471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1861.600830][T28471] RIP: 0033:0x7feb9ef8e929
[ 1861.600849][T28471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1861.600868][T28471] RSP: 002b:00007feb9fd94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1861.600890][T28471] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8e929
[ 1861.600906][T28471] RDX: 0000000000000024 RSI: 0000200000000100 RDI: 0000000000000005
[ 1861.600920][T28471] RBP: 00007feb9fd94090 R08: 0000000000000000 R09: 0000000000000000
[ 1861.600932][T28471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1861.600945][T28471] R13: 0000000000000000 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1861.600978][T28471]  </TASK>
[ 1861.601030][T28471] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13274'.
[ 1861.792640][T28476] kvm_intel: kvm [28469]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xff
[ 1861.847968][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1862.646589][T28500] FAULT_INJECTION: forcing a failure.
[ 1862.646589][T28500] name failslab, interval 1, probability 0, space 0, times 0
[ 1862.646633][T28500] CPU: 1 UID: 0 PID: 28500 Comm: syz.0.13283 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1862.646659][T28500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1862.646681][T28500] Call Trace:
[ 1862.646689][T28500]  <TASK>
[ 1862.646699][T28500]  dump_stack_lvl+0x189/0x250
[ 1862.646729][T28500]  ? __pfx____ratelimit+0x10/0x10
[ 1862.646762][T28500]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1862.646787][T28500]  ? __pfx__printk+0x10/0x10
[ 1862.646813][T28500]  ? __pfx___might_resched+0x10/0x10
[ 1862.646838][T28500]  ? fs_reclaim_acquire+0x7d/0x100
[ 1862.646872][T28500]  should_fail_ex+0x414/0x560
[ 1862.646905][T28500]  should_failslab+0xa8/0x100
[ 1862.646935][T28500]  __kmalloc_noprof+0xcb/0x4f0
[ 1862.646958][T28500]  ? tomoyo_mount_permission+0x27a/0x970
[ 1862.646980][T28500]  ? tomoyo_encode+0x28b/0x550
[ 1862.647008][T28500]  tomoyo_encode+0x28b/0x550
[ 1862.647035][T28500]  ? tomoyo_mount_permission+0x27a/0x970
[ 1862.647060][T28500]  tomoyo_mount_permission+0x331/0x970
[ 1862.647092][T28500]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 1862.647171][T28500]  security_sb_mount+0xec/0x350
[ 1862.647201][T28500]  path_mount+0xbc/0xfe0
[ 1862.647231][T28500]  ? user_path_at+0x44/0x60
[ 1862.647252][T28500]  ? kmem_cache_free+0x18f/0x400
[ 1862.647287][T28500]  __se_sys_mount+0x317/0x410
[ 1862.647326][T28500]  ? __pfx___se_sys_mount+0x10/0x10
[ 1862.647355][T28500]  ? rcu_is_watching+0x15/0xb0
[ 1862.647385][T28500]  ? do_syscall_64+0xbe/0x3b0
[ 1862.647405][T28500]  ? __x64_sys_mount+0x20/0xc0
[ 1862.647439][T28500]  do_syscall_64+0xfa/0x3b0
[ 1862.647458][T28500]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1862.647490][T28500]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1862.647511][T28500]  ? clear_bhb_loop+0x60/0xb0
[ 1862.647537][T28500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1862.647558][T28500] RIP: 0033:0x7f25e798e929
[ 1862.647578][T28500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1862.647596][T28500] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1862.647638][T28500] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1862.647655][T28500] RDX: 0000200000000040 RSI: 0000200000000140 RDI: 0000000000000000
[ 1862.647676][T28500] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1862.647689][T28500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1862.647707][T28500] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1862.647740][T28500]  </TASK>
[ 1862.828079][T28504] random: crng reseeded on system resumption
[ 1863.323545][T28516] FAULT_INJECTION: forcing a failure.
[ 1863.323545][T28516] name failslab, interval 1, probability 0, space 0, times 0
[ 1863.337087][T28516] CPU: 0 UID: 0 PID: 28516 Comm: syz.0.13286 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1863.337115][T28516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1863.337128][T28516] Call Trace:
[ 1863.337137][T28516]  <TASK>
[ 1863.337146][T28516]  dump_stack_lvl+0x189/0x250
[ 1863.337174][T28516]  ? __pfx____ratelimit+0x10/0x10
[ 1863.337207][T28516]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1863.337231][T28516]  ? __pfx__printk+0x10/0x10
[ 1863.337261][T28516]  ? ref_tracker_alloc+0x318/0x460
[ 1863.337293][T28516]  should_fail_ex+0x414/0x560
[ 1863.337324][T28516]  should_failslab+0xa8/0x100
[ 1863.337353][T28516]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1863.337377][T28516]  ? skb_clone+0x212/0x3a0
[ 1863.337411][T28516]  skb_clone+0x212/0x3a0
[ 1863.337443][T28516]  __netlink_deliver_tap+0x404/0x850
[ 1863.337482][T28516]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1863.337509][T28516]  netlink_deliver_tap+0x19c/0x1b0
[ 1863.337537][T28516]  netlink_unicast+0x72f/0x8d0
[ 1863.337571][T28516]  netlink_sendmsg+0x805/0xb30
[ 1863.337615][T28516]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1863.337645][T28516]  ? aa_sock_msg_perm+0x94/0x160
[ 1863.337668][T28516]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1863.337699][T28516]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1863.337727][T28516]  __sock_sendmsg+0x219/0x270
[ 1863.337769][T28516]  sock_write_iter+0x258/0x330
[ 1863.337804][T28516]  ? __pfx_sock_write_iter+0x10/0x10
[ 1863.337848][T28516]  ? bpf_lsm_file_permission+0x9/0x20
[ 1863.337869][T28516]  ? security_file_permission+0x75/0x290
[ 1863.337910][T28516]  vfs_write+0x548/0xa90
[ 1863.337942][T28516]  ? __pfx_sock_write_iter+0x10/0x10
[ 1863.337975][T28516]  ? __pfx_vfs_write+0x10/0x10
[ 1863.338014][T28516]  ? __fget_files+0x2a/0x420
[ 1863.338056][T28516]  ksys_write+0x145/0x250
[ 1863.338086][T28516]  ? __pfx_ksys_write+0x10/0x10
[ 1863.338111][T28516]  ? rcu_is_watching+0x15/0xb0
[ 1863.338142][T28516]  ? do_syscall_64+0xbe/0x3b0
[ 1863.338168][T28516]  do_syscall_64+0xfa/0x3b0
[ 1863.338187][T28516]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1863.338220][T28516]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1863.338241][T28516]  ? clear_bhb_loop+0x60/0xb0
[ 1863.338267][T28516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1863.338288][T28516] RIP: 0033:0x7f25e798e929
[ 1863.338307][T28516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1863.338326][T28516] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1863.338348][T28516] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1863.338364][T28516] RDX: 0000000000000024 RSI: 0000200000000100 RDI: 0000000000000005
[ 1863.338377][T28516] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1863.338390][T28516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1863.338402][T28516] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1863.338434][T28516]  </TASK>
[ 1863.338456][T28516] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13286'.
[ 1864.788877][T28557] FAULT_INJECTION: forcing a failure.
[ 1864.788877][T28557] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1864.802397][T28557] CPU: 0 UID: 0 PID: 28557 Comm: syz.9.13296 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1864.802426][T28557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1864.802438][T28557] Call Trace:
[ 1864.802447][T28557]  <TASK>
[ 1864.802457][T28557]  dump_stack_lvl+0x189/0x250
[ 1864.802486][T28557]  ? __pfx____ratelimit+0x10/0x10
[ 1864.802518][T28557]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1864.802543][T28557]  ? __pfx__printk+0x10/0x10
[ 1864.802568][T28557]  ? fs_reclaim_acquire+0x7d/0x100
[ 1864.802607][T28557]  should_fail_ex+0x414/0x560
[ 1864.802639][T28557]  prepare_alloc_pages+0x213/0x610
[ 1864.802677][T28557]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1864.802719][T28557]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1864.802753][T28557]  ? __lock_acquire+0xab9/0xd20
[ 1864.802786][T28557]  alloc_pages_mpol+0x232/0x4a0
[ 1864.802819][T28557]  alloc_pages_noprof+0xa9/0x190
[ 1864.802847][T28557]  pte_alloc_one+0x21/0x170
[ 1864.802873][T28557]  __pte_alloc+0x25/0x1a0
[ 1864.802907][T28557]  __handle_mm_fault+0x4b8a/0x5620
[ 1864.802949][T28557]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1864.802992][T28557]  ? find_vma+0xe7/0x160
[ 1864.803015][T28557]  ? __pfx_find_vma+0x10/0x10
[ 1864.803042][T28557]  handle_mm_fault+0x40a/0x8e0
[ 1864.803077][T28557]  do_user_addr_fault+0x764/0x1390
[ 1864.803136][T28557]  exc_page_fault+0x76/0xf0
[ 1864.803171][T28557]  asm_exc_page_fault+0x26/0x30
[ 1864.803192][T28557] RIP: 0010:__get_user_8+0x14/0x30
[ 1864.803220][T28557] Code: ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <48> 8b 10 31 c0 0f 01 ca e9 ff ef 03 00 90 90 90 90 90 90 90 90 90
[ 1864.803239][T28557] RSP: 0018:ffffc900052afeb8 EFLAGS: 00050283
[ 1864.803259][T28557] RAX: 0000200000000240 RBX: 0000200000000240 RCX: 733f7e07f6932900
[ 1864.803275][T28557] RDX: 00007ffffffff000 RSI: ffffffff8dc3afeb RDI: ffffffff8be41840
[ 1864.803290][T28557] RBP: ffffc900052aff48 R08: 0000000000000000 R09: ffffffff820c9120
[ 1864.803305][T28557] R10: dffffc0000000000 R11: fffffbfff1f8463f R12: 00000000000000ce
[ 1864.803321][T28557] R13: 00000000000000ce R14: 0000000080000000 R15: ffff888053f33c00
[ 1864.803342][T28557]  ? __might_fault+0xb0/0x130
[ 1864.803387][T28557]  __se_sys_io_setup+0x2d/0x1a0
[ 1864.803427][T28557]  do_syscall_64+0xfa/0x3b0
[ 1864.803447][T28557]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1864.803489][T28557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1864.803518][T28557]  ? clear_bhb_loop+0x60/0xb0
[ 1864.803544][T28557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1864.803564][T28557] RIP: 0033:0x7feb9ef8e929
[ 1864.803582][T28557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1864.803600][T28557] RSP: 002b:00007feb9fd94038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[ 1864.803621][T28557] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8e929
[ 1864.803637][T28557] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000080000000
[ 1864.803650][T28557] RBP: 00007feb9fd94090 R08: 0000000000000000 R09: 0000000000000000
[ 1864.803663][T28557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1864.803675][T28557] R13: 0000000000000001 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1864.803715][T28557]  </TASK>
[ 1865.299089][T28560] No control pipe specified
[ 1865.896117][T28575] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1866.288068][T28582] FAULT_INJECTION: forcing a failure.
[ 1866.288068][T28582] name failslab, interval 1, probability 0, space 0, times 0
[ 1866.324822][T28582] CPU: 0 UID: 0 PID: 28582 Comm: syz.9.13305 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1866.324853][T28582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1866.324867][T28582] Call Trace:
[ 1866.324875][T28582]  <TASK>
[ 1866.324884][T28582]  dump_stack_lvl+0x189/0x250
[ 1866.324913][T28582]  ? __pfx____ratelimit+0x10/0x10
[ 1866.324947][T28582]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1866.324972][T28582]  ? __pfx__printk+0x10/0x10
[ 1866.325002][T28582]  ? ref_tracker_alloc+0x318/0x460
[ 1866.325034][T28582]  should_fail_ex+0x414/0x560
[ 1866.325066][T28582]  should_failslab+0xa8/0x100
[ 1866.325096][T28582]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1866.325120][T28582]  ? skb_clone+0x212/0x3a0
[ 1866.325154][T28582]  skb_clone+0x212/0x3a0
[ 1866.325187][T28582]  __netlink_deliver_tap+0x404/0x850
[ 1866.325227][T28582]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1866.325255][T28582]  netlink_deliver_tap+0x19c/0x1b0
[ 1866.325283][T28582]  netlink_unicast+0x72f/0x8d0
[ 1866.325350][T28582]  netlink_sendmsg+0x805/0xb30
[ 1866.325387][T28582]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1866.325418][T28582]  ? aa_sock_msg_perm+0x94/0x160
[ 1866.325442][T28582]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1866.325473][T28582]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1866.325500][T28582]  __sock_sendmsg+0x219/0x270
[ 1866.325526][T28582]  ____sys_sendmsg+0x505/0x830
[ 1866.325561][T28582]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1866.325599][T28582]  ? import_iovec+0x74/0xa0
[ 1866.325626][T28582]  ___sys_sendmsg+0x21f/0x2a0
[ 1866.325657][T28582]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1866.325724][T28582]  ? __fget_files+0x2a/0x420
[ 1866.325754][T28582]  ? __fget_files+0x3a0/0x420
[ 1866.325796][T28582]  __x64_sys_sendmsg+0x19b/0x260
[ 1866.325828][T28582]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1866.325867][T28582]  ? __pfx_ksys_write+0x10/0x10
[ 1866.325893][T28582]  ? rcu_is_watching+0x15/0xb0
[ 1866.325923][T28582]  ? do_syscall_64+0xbe/0x3b0
[ 1866.325960][T28582]  do_syscall_64+0xfa/0x3b0
[ 1866.325979][T28582]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1866.326010][T28582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1866.326030][T28582]  ? clear_bhb_loop+0x60/0xb0
[ 1866.326056][T28582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1866.326076][T28582] RIP: 0033:0x7feb9ef8e929
[ 1866.326094][T28582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1866.326111][T28582] RSP: 002b:00007feb9fd94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1866.326133][T28582] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8e929
[ 1866.326148][T28582] RDX: 0000000020040000 RSI: 0000200000000140 RDI: 0000000000000003
[ 1866.326161][T28582] RBP: 00007feb9fd94090 R08: 0000000000000000 R09: 0000000000000000
[ 1866.326174][T28582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1866.326186][T28582] R13: 0000000000000000 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1866.326217][T28582]  </TASK>
[ 1867.267857][T28611] FAULT_INJECTION: forcing a failure.
[ 1867.267857][T28611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1867.311885][T28611] CPU: 0 UID: 0 PID: 28611 Comm: syz.0.13312 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1867.311917][T28611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1867.311931][T28611] Call Trace:
[ 1867.311940][T28611]  <TASK>
[ 1867.311949][T28611]  dump_stack_lvl+0x189/0x250
[ 1867.311978][T28611]  ? __pfx____ratelimit+0x10/0x10
[ 1867.312011][T28611]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1867.312035][T28611]  ? __pfx__printk+0x10/0x10
[ 1867.312057][T28611]  ? __might_fault+0xb0/0x130
[ 1867.312093][T28611]  should_fail_ex+0x414/0x560
[ 1867.312124][T28611]  _copy_from_iter+0x1db/0x16f0
[ 1867.312159][T28611]  ? sock_alloc_send_pskb+0x875/0x990
[ 1867.312196][T28611]  ? __pfx__copy_from_iter+0x10/0x10
[ 1867.312241][T28611]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1867.312275][T28611]  skb_copy_datagram_from_iter+0xf5/0x720
[ 1867.312318][T28611]  ? dev_get_by_index+0x22/0x2e0
[ 1867.312335][T28611]  ? skb_put+0x11b/0x210
[ 1867.312362][T28611]  packet_sendmsg+0x3abb/0x53f0
[ 1867.312421][T28611]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 1867.312461][T28611]  ? __pfx___might_resched+0x10/0x10
[ 1867.312485][T28611]  ? __lock_acquire+0xab9/0xd20
[ 1867.312520][T28611]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1867.312545][T28611]  ? aa_sk_perm+0x81e/0x950
[ 1867.312570][T28611]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1867.312601][T28611]  ? __lock_acquire+0xab9/0xd20
[ 1867.312619][T28611]  ? aa_sock_msg_perm+0x94/0x160
[ 1867.312642][T28611]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1867.312672][T28611]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1867.312700][T28611]  __sock_sendmsg+0x219/0x270
[ 1867.312724][T28611]  ____sys_sendmsg+0x52d/0x830
[ 1867.312758][T28611]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1867.312794][T28611]  ? import_iovec+0x74/0xa0
[ 1867.312819][T28611]  ___sys_sendmsg+0x21f/0x2a0
[ 1867.312849][T28611]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1867.312913][T28611]  ? __fget_files+0x2a/0x420
[ 1867.312942][T28611]  ? __fget_files+0x3a0/0x420
[ 1867.312983][T28611]  __sys_sendmmsg+0x227/0x430
[ 1867.313017][T28611]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1867.313042][T28611]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1867.313090][T28611]  ? ksys_write+0x22a/0x250
[ 1867.313119][T28611]  ? __pfx_ksys_write+0x10/0x10
[ 1867.313143][T28611]  ? rcu_is_watching+0x15/0xb0
[ 1867.313173][T28611]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1867.313203][T28611]  do_syscall_64+0xfa/0x3b0
[ 1867.313222][T28611]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1867.313260][T28611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1867.313280][T28611]  ? clear_bhb_loop+0x60/0xb0
[ 1867.313305][T28611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1867.313324][T28611] RIP: 0033:0x7f25e798e929
[ 1867.313343][T28611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1867.313361][T28611] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1867.313383][T28611] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1867.313398][T28611] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 0000000000000006
[ 1867.313411][T28611] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1867.313424][T28611] R10: 0000000020000084 R11: 0000000000000246 R12: 0000000000000001
[ 1867.313437][T28611] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1867.313468][T28611]  </TASK>
[ 1867.648071][T28617] FAULT_INJECTION: forcing a failure.
[ 1867.648071][T28617] name failslab, interval 1, probability 0, space 0, times 0
[ 1867.661334][T28617] CPU: 1 UID: 0 PID: 28617 Comm: syz.9.13315 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1867.661362][T28617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1867.661376][T28617] Call Trace:
[ 1867.661385][T28617]  <TASK>
[ 1867.661394][T28617]  dump_stack_lvl+0x189/0x250
[ 1867.661423][T28617]  ? __pfx____ratelimit+0x10/0x10
[ 1867.661462][T28617]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1867.661486][T28617]  ? __pfx__printk+0x10/0x10
[ 1867.661516][T28617]  ? ref_tracker_alloc+0x318/0x460
[ 1867.661548][T28617]  should_fail_ex+0x414/0x560
[ 1867.661579][T28617]  should_failslab+0xa8/0x100
[ 1867.661608][T28617]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1867.661632][T28617]  ? skb_clone+0x212/0x3a0
[ 1867.661685][T28617]  skb_clone+0x212/0x3a0
[ 1867.661718][T28617]  __netlink_deliver_tap+0x404/0x850
[ 1867.661757][T28617]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1867.661785][T28617]  netlink_deliver_tap+0x19c/0x1b0
[ 1867.661812][T28617]  netlink_unicast+0x72f/0x8d0
[ 1867.661848][T28617]  netlink_sendmsg+0x805/0xb30
[ 1867.661885][T28617]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1867.661915][T28617]  ? aa_sock_msg_perm+0x94/0x160
[ 1867.661940][T28617]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1867.661971][T28617]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1867.661999][T28617]  __sock_sendmsg+0x219/0x270
[ 1867.662024][T28617]  ____sys_sendmsg+0x505/0x830
[ 1867.662059][T28617]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1867.662097][T28617]  ? import_iovec+0x74/0xa0
[ 1867.662124][T28617]  ___sys_sendmsg+0x21f/0x2a0
[ 1867.662155][T28617]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1867.662225][T28617]  ? __fget_files+0x2a/0x420
[ 1867.662255][T28617]  ? __fget_files+0x3a0/0x420
[ 1867.662298][T28617]  __x64_sys_sendmsg+0x19b/0x260
[ 1867.662329][T28617]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1867.662369][T28617]  ? __pfx_ksys_write+0x10/0x10
[ 1867.662394][T28617]  ? rcu_is_watching+0x15/0xb0
[ 1867.662425][T28617]  ? do_syscall_64+0xbe/0x3b0
[ 1867.662456][T28617]  do_syscall_64+0xfa/0x3b0
[ 1867.662475][T28617]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1867.662507][T28617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1867.662529][T28617]  ? clear_bhb_loop+0x60/0xb0
[ 1867.662554][T28617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1867.662575][T28617] RIP: 0033:0x7feb9ef8e929
[ 1867.662593][T28617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1867.662612][T28617] RSP: 002b:00007feb9fd94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1867.662632][T28617] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8e929
[ 1867.662649][T28617] RDX: 0000000000000080 RSI: 0000200000004340 RDI: 0000000000000004
[ 1867.662662][T28617] RBP: 00007feb9fd94090 R08: 0000000000000000 R09: 0000000000000000
[ 1867.662675][T28617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1867.662688][T28617] R13: 0000000000000000 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1867.662720][T28617]  </TASK>
[ 1868.289888][T28633] FAULT_INJECTION: forcing a failure.
[ 1868.289888][T28633] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1868.334748][T13771] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[ 1868.349453][T28633] CPU: 0 UID: 0 PID: 28633 Comm: syz.0.13319 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1868.349483][T28633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1868.349497][T28633] Call Trace:
[ 1868.349507][T28633]  <TASK>
[ 1868.349519][T28633]  dump_stack_lvl+0x189/0x250
[ 1868.349550][T28633]  ? __pfx____ratelimit+0x10/0x10
[ 1868.349582][T28633]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1868.349606][T28633]  ? __pfx__printk+0x10/0x10
[ 1868.349632][T28633]  ? fs_reclaim_acquire+0x7d/0x100
[ 1868.349672][T28633]  should_fail_ex+0x414/0x560
[ 1868.349705][T28633]  prepare_alloc_pages+0x213/0x610
[ 1868.349744][T28633]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1868.349781][T28633]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1868.349818][T28633]  ? __pfx___might_resched+0x10/0x10
[ 1868.349839][T28633]  ? rcu_is_watching+0x15/0xb0
[ 1868.349863][T28633]  ? trace_sched_exit_tp+0x38/0x120
[ 1868.349905][T28633]  __folio_alloc_noprof+0x18/0x120
[ 1868.349937][T28633]  migrate_pages_batch+0x79d/0x2830
[ 1868.349992][T28633]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1868.350026][T28633]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1868.350065][T28633]  ? do_raw_spin_lock+0x121/0x290
[ 1868.350099][T28633]  ? __lock_acquire+0xab9/0xd20
[ 1868.350136][T28633]  migrate_pages+0x1bcc/0x2930
[ 1868.350184][T28633]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1868.350214][T28633]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1868.350253][T28633]  ? __pfx_migrate_pages+0x10/0x10
[ 1868.350292][T28633]  ? memcg_rstat_updated+0xff/0x230
[ 1868.350327][T28633]  ? rcu_is_watching+0x15/0xb0
[ 1868.350351][T28633]  ? mod_memcg_lruvec_state+0x1bb/0x370
[ 1868.350410][T28633]  ? __lock_acquire+0xab9/0xd20
[ 1868.350440][T28633]  move_pages_and_store_status+0xff/0x250
[ 1868.350476][T28633]  ? __pfx_move_pages_and_store_status+0x10/0x10
[ 1868.350516][T28633]  ? __might_fault+0xb0/0x130
[ 1868.350544][T28633]  __se_sys_move_pages+0x6f7/0x16d0
[ 1868.350593][T28633]  ? __pfx___se_sys_move_pages+0x10/0x10
[ 1868.350624][T28633]  ? ksys_write+0x1cb/0x250
[ 1868.350655][T28633]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1868.350675][T28633]  ? __pfx_vfs_write+0x10/0x10
[ 1868.350705][T28633]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1868.350730][T28633]  ? __fget_files+0x3a0/0x420
[ 1868.350777][T28633]  ? __pfx_ksys_write+0x10/0x10
[ 1868.350809][T28633]  ? __x64_sys_move_pages+0x21/0xf0
[ 1868.350843][T28633]  do_syscall_64+0xfa/0x3b0
[ 1868.350861][T28633]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1868.350892][T28633]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1868.350913][T28633]  ? clear_bhb_loop+0x60/0xb0
[ 1868.350938][T28633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1868.350957][T28633] RIP: 0033:0x7f25e798e929
[ 1868.350975][T28633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1868.350994][T28633] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[ 1868.351017][T28633] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1868.351032][T28633] RDX: 00002000000001c0 RSI: 000000000000003f RDI: 0000000000000000
[ 1868.351046][T28633] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000002
[ 1868.351059][T28633] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[ 1868.351073][T28633] R13: 0000000000000001 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1868.351103][T28633]  </TASK>
[ 1868.815764][T13771] usb 10-1: Using ep0 maxpacket: 8
[ 1868.824701][T13771] usb 10-1: config 0 has an invalid interface number: 130 but max is 12
[ 1868.840679][T13771] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1868.860494][T13771] usb 10-1: config 0 has no interface number 0
[ 1868.866752][T13771] usb 10-1: too many endpoints for config 0 interface 130 altsetting 58: 207, using maximum allowed: 30
[ 1868.878016][T13771] usb 10-1: config 0 interface 130 altsetting 58 has 0 endpoint descriptors, different from the interface descriptor's value: 207
[ 1868.892203][T13771] usb 10-1: config 0 interface 130 has no altsetting 0
[ 1868.913436][T13771] usb 10-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1868.923057][T13771] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1868.931188][T13771] usb 10-1: Product: syz
[ 1868.935587][T13771] usb 10-1: Manufacturer: syz
[ 1868.940314][T13771] usb 10-1: SerialNumber: syz
[ 1868.958976][T13771] usb 10-1: config 0 descriptor??
[ 1869.284379][T28651] FAULT_INJECTION: forcing a failure.
[ 1869.284379][T28651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1869.339770][T28651] CPU: 0 UID: 0 PID: 28651 Comm: syz.0.13325 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1869.339802][T28651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1869.339815][T28651] Call Trace:
[ 1869.339824][T28651]  <TASK>
[ 1869.339834][T28651]  dump_stack_lvl+0x189/0x250
[ 1869.339864][T28651]  ? __pfx____ratelimit+0x10/0x10
[ 1869.339905][T28651]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1869.339930][T28651]  ? __pfx__printk+0x10/0x10
[ 1869.339955][T28651]  ? __might_fault+0xb0/0x130
[ 1869.339993][T28651]  should_fail_ex+0x414/0x560
[ 1869.340026][T28651]  _copy_from_user+0x2d/0xb0
[ 1869.340055][T28651]  ___sys_sendmsg+0x158/0x2a0
[ 1869.340087][T28651]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1869.340164][T28651]  ? __might_fault+0xb0/0x130
[ 1869.340194][T28651]  __sys_sendmmsg+0x227/0x430
[ 1869.340229][T28651]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1869.340256][T28651]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1869.340313][T28651]  ? ksys_write+0x22a/0x250
[ 1869.340344][T28651]  ? __pfx_ksys_write+0x10/0x10
[ 1869.340369][T28651]  ? rcu_is_watching+0x15/0xb0
[ 1869.340401][T28651]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1869.340433][T28651]  do_syscall_64+0xfa/0x3b0
[ 1869.340452][T28651]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1869.340484][T28651]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.340505][T28651]  ? clear_bhb_loop+0x60/0xb0
[ 1869.340531][T28651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.340552][T28651] RIP: 0033:0x7f25e798e929
[ 1869.340571][T28651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1869.340589][T28651] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1869.340612][T28651] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1869.340629][T28651] RDX: 0000000000000003 RSI: 0000200000007b00 RDI: 0000000000000004
[ 1869.340643][T28651] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1869.340656][T28651] R10: 0000000004000001 R11: 0000000000000246 R12: 0000000000000001
[ 1869.340670][T28651] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1869.340702][T28651]  </TASK>
[ 1869.641155][T13771] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1869.648172][T13771] gspca_zc3xx: reg_w_i err -71
[ 1870.292791][T13771] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1870.301916][T13771] gspca_zc3xx 10-1:0.130: probe with driver gspca_zc3xx failed with error -71
[ 1870.324447][T13771] usb 10-1: USB disconnect, device number 31
[ 1870.472269][T28682] syz.0.13334: attempt to access beyond end of device
[ 1870.472269][T28682] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1870.676465][T13771] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[ 1870.862496][T13771] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1870.886309][T13771] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1870.907735][T28689] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1870.919555][T13771] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1870.930390][T13771] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1870.943588][T13771] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1870.952755][T13771] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1870.967281][T13771] usb 10-1: config 0 descriptor??
[ 1871.418707][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.430400][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.437956][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.452144][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.463992][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.476074][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.483638][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.510908][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.532734][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.540209][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.569633][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.585525][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.593121][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.614838][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.637053][T13771] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1871.645965][T13771] plantronics 0003:047F:FFFF.002A: No inputs registered, leaving
[ 1871.675053][T13771] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[ 1871.773784][T28717] FAULT_INJECTION: forcing a failure.
[ 1871.773784][T28717] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.786821][T28717] CPU: 0 UID: 0 PID: 28717 Comm: syz.7.13338 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1871.786851][T28717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1871.786864][T28717] Call Trace:
[ 1871.786874][T28717]  <TASK>
[ 1871.786883][T28717]  dump_stack_lvl+0x189/0x250
[ 1871.786914][T28717]  ? __pfx____ratelimit+0x10/0x10
[ 1871.786948][T28717]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1871.786972][T28717]  ? __pfx__printk+0x10/0x10
[ 1871.787002][T28717]  ? __pfx___might_resched+0x10/0x10
[ 1871.787026][T28717]  ? fs_reclaim_acquire+0x7d/0x100
[ 1871.787061][T28717]  should_fail_ex+0x414/0x560
[ 1871.787094][T28717]  should_failslab+0xa8/0x100
[ 1871.787124][T28717]  __kmalloc_noprof+0xcb/0x4f0
[ 1871.787147][T28717]  ? kfree+0x4d/0x440
[ 1871.787167][T28717]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1871.787199][T28717]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1871.787240][T28717]  tomoyo_check_open_permission+0x1c1/0x3b0
[ 1871.787275][T28717]  ? tomoyo_check_open_permission+0x16a/0x3b0
[ 1871.787307][T28717]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1871.787381][T28717]  ? tomoyo_file_open+0x165/0x220
[ 1871.787413][T28717]  security_file_open+0xb1/0x270
[ 1871.787445][T28717]  do_dentry_open+0x35e/0x1970
[ 1871.787484][T28717]  vfs_open+0x3b/0x340
[ 1871.787502][T28717]  ? path_openat+0x2ecd/0x3830
[ 1871.787535][T28717]  path_openat+0x2ee5/0x3830
[ 1871.787558][T28717]  ? arch_stack_walk+0xfc/0x150
[ 1871.787617][T28717]  ? __pfx_path_openat+0x10/0x10
[ 1871.787640][T28717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1871.787681][T28717]  do_filp_open+0x1fa/0x410
[ 1871.787702][T28717]  ? __lock_acquire+0xab9/0xd20
[ 1871.787731][T28717]  ? __pfx_do_filp_open+0x10/0x10
[ 1871.787786][T28717]  ? _raw_spin_unlock+0x28/0x50
[ 1871.787814][T28717]  ? alloc_fd+0x64c/0x6c0
[ 1871.787856][T28717]  do_sys_openat2+0x121/0x1c0
[ 1871.787881][T28717]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1871.787904][T28717]  ? ksys_write+0x22a/0x250
[ 1871.787934][T28717]  ? __pfx_ksys_write+0x10/0x10
[ 1871.787959][T28717]  ? rcu_is_watching+0x15/0xb0
[ 1871.787988][T28717]  __x64_sys_openat+0x138/0x170
[ 1871.788016][T28717]  do_syscall_64+0xfa/0x3b0
[ 1871.788036][T28717]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1871.788069][T28717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1871.788089][T28717]  ? clear_bhb_loop+0x60/0xb0
[ 1871.788115][T28717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1871.788135][T28717] RIP: 0033:0x7f8fd778e929
[ 1871.788154][T28717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1871.788172][T28717] RSP: 002b:00007f8fd8534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1871.788194][T28717] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778e929
[ 1871.788210][T28717] RDX: 0000000000000400 RSI: 0000200000000480 RDI: ffffffffffffff9c
[ 1871.788225][T28717] RBP: 00007f8fd8534090 R08: 0000000000000000 R09: 0000000000000000
[ 1871.788239][T28717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1871.788250][T28717] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1871.788284][T28717]  </TASK>
[ 1871.916440][ T5880] usb 10-1: USB disconnect, device number 32
[ 1871.967964][T28717] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1872.830219][T28746] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1873.114047][T25693] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1873.121408][T19310] Bluetooth: hci4: command 0x1003 tx timeout
[ 1874.344739][T28794] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1874.658293][T28808] fuse: Bad value for 'fd'
[ 1875.203840][T25693] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1875.232092][T25693] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1875.246247][T25693] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1875.254798][T25693] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1875.264383][T25693] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1875.450221][T28833] wg0 speed is unknown, defaulting to 1000
[ 1875.540074][T28874] fuse: Bad value for 'fd'
[ 1875.657174][T28884] FAULT_INJECTION: forcing a failure.
[ 1875.657174][T28884] name failslab, interval 1, probability 0, space 0, times 0
[ 1875.687222][T28884] CPU: 1 UID: 0 PID: 28884 Comm: syz.7.13371 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1875.687254][T28884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1875.687267][T28884] Call Trace:
[ 1875.687276][T28884]  <TASK>
[ 1875.687285][T28884]  dump_stack_lvl+0x189/0x250
[ 1875.687318][T28884]  ? __pfx____ratelimit+0x10/0x10
[ 1875.687352][T28884]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1875.687376][T28884]  ? __pfx__printk+0x10/0x10
[ 1875.687407][T28884]  ? ref_tracker_alloc+0x318/0x460
[ 1875.687440][T28884]  should_fail_ex+0x414/0x560
[ 1875.687471][T28884]  should_failslab+0xa8/0x100
[ 1875.687502][T28884]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1875.687527][T28884]  ? skb_clone+0x212/0x3a0
[ 1875.687561][T28884]  skb_clone+0x212/0x3a0
[ 1875.687595][T28884]  __netlink_deliver_tap+0x404/0x850
[ 1875.687643][T28884]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1875.687671][T28884]  netlink_deliver_tap+0x19c/0x1b0
[ 1875.687699][T28884]  netlink_unicast+0x72f/0x8d0
[ 1875.687734][T28884]  netlink_sendmsg+0x805/0xb30
[ 1875.687771][T28884]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1875.687801][T28884]  ? aa_sock_msg_perm+0x94/0x160
[ 1875.687826][T28884]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1875.687858][T28884]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1875.687886][T28884]  __sock_sendmsg+0x219/0x270
[ 1875.687911][T28884]  ____sys_sendmsg+0x505/0x830
[ 1875.687945][T28884]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1875.687983][T28884]  ? import_iovec+0x74/0xa0
[ 1875.688009][T28884]  ___sys_sendmsg+0x21f/0x2a0
[ 1875.688040][T28884]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1875.688108][T28884]  ? __fget_files+0x2a/0x420
[ 1875.688138][T28884]  ? __fget_files+0x3a0/0x420
[ 1875.688181][T28884]  __x64_sys_sendmsg+0x19b/0x260
[ 1875.688213][T28884]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1875.688253][T28884]  ? __pfx_ksys_write+0x10/0x10
[ 1875.688278][T28884]  ? rcu_is_watching+0x15/0xb0
[ 1875.688308][T28884]  ? do_syscall_64+0xbe/0x3b0
[ 1875.688334][T28884]  do_syscall_64+0xfa/0x3b0
[ 1875.688354][T28884]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1875.688387][T28884]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1875.688408][T28884]  ? clear_bhb_loop+0x60/0xb0
[ 1875.688434][T28884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1875.688454][T28884] RIP: 0033:0x7f8fd778e929
[ 1875.688475][T28884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1875.688491][T28884] RSP: 002b:00007f8fd8534038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1875.688513][T28884] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778e929
[ 1875.688530][T28884] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[ 1875.688543][T28884] RBP: 00007f8fd8534090 R08: 0000000000000000 R09: 0000000000000000
[ 1875.688557][T28884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1875.688570][T28884] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1875.688603][T28884]  </TASK>
[ 1876.057696][T28833] chnl_net:caif_netlink_parms(): no params data found
[ 1876.268320][ T1009] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1876.293095][T28833] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1876.301309][T28833] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1876.308600][T28833] bridge_slave_0: entered allmulticast mode
[ 1876.317481][T28833] bridge_slave_0: entered promiscuous mode
[ 1876.382712][ T1009] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1876.404266][T28833] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1876.416869][T28833] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1876.424298][T28833] bridge_slave_1: entered allmulticast mode
[ 1876.433374][T28833] bridge_slave_1: entered promiscuous mode
[ 1876.548505][ T1009] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1876.584419][T28833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1876.621582][T28833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1876.716482][T29064] fuse: Bad value for 'fd'
[ 1876.872338][ T1009] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1876.909563][T28833] team0: Port device team_slave_0 added
[ 1876.924803][T28833] team0: Port device team_slave_1 added
[ 1877.032771][T29112] FAULT_INJECTION: forcing a failure.
[ 1877.032771][T29112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1877.052842][T28833] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1877.066588][T28833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1877.077224][T29112] CPU: 0 UID: 0 PID: 29112 Comm: syz.9.13381 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1877.077263][T29112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1877.077279][T29112] Call Trace:
[ 1877.077290][T29112]  <TASK>
[ 1877.077300][T29112]  dump_stack_lvl+0x189/0x250
[ 1877.077344][T29112]  ? __pfx____ratelimit+0x10/0x10
[ 1877.077382][T29112]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1877.077410][T29112]  ? __pfx__printk+0x10/0x10
[ 1877.077453][T29112]  should_fail_ex+0x414/0x560
[ 1877.077491][T29112]  _copy_to_user+0x31/0xb0
[ 1877.077519][T29112]  simple_read_from_buffer+0xe1/0x170
[ 1877.077564][T29112]  proc_fail_nth_read+0x1df/0x250
[ 1877.077592][T29112]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1877.077619][T29112]  ? rw_verify_area+0x258/0x650
[ 1877.077648][T29112]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1877.077671][T29112]  vfs_read+0x1fd/0x980
[ 1877.077708][T29112]  ? __pfx___mutex_lock+0x10/0x10
[ 1877.077733][T29112]  ? __pfx_vfs_read+0x10/0x10
[ 1877.077764][T29112]  ? __fget_files+0x2a/0x420
[ 1877.077805][T29112]  ? __fget_files+0x3a0/0x420
[ 1877.077837][T29112]  ? __fget_files+0x2a/0x420
[ 1877.077883][T29112]  ksys_read+0x145/0x250
[ 1877.077912][T29112]  ? __fget_files+0x2a/0x420
[ 1877.077949][T29112]  ? __pfx_ksys_read+0x10/0x10
[ 1877.077988][T29112]  ? do_syscall_64+0xbe/0x3b0
[ 1877.078018][T29112]  do_syscall_64+0xfa/0x3b0
[ 1877.078041][T29112]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1877.078076][T29112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1877.078099][T29112]  ? clear_bhb_loop+0x60/0xb0
[ 1877.078128][T29112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1877.078151][T29112] RIP: 0033:0x7feb9ef8d33c
[ 1877.078172][T29112] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1877.078192][T29112] RSP: 002b:00007feb9fd94030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1877.078218][T29112] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8d33c
[ 1877.078237][T29112] RDX: 000000000000000f RSI: 00007feb9fd940a0 RDI: 0000000000000005
[ 1877.078252][T29112] RBP: 00007feb9fd94090 R08: 0000000000000000 R09: 0000000000000000
[ 1877.078266][T29112] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1877.078283][T29112] R13: 0000000000000000 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1877.078327][T29112]  </TASK>
[ 1877.349864][T28833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1877.363845][T28833] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1877.370889][T28833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1877.440446][T28833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1877.478120][T25693] Bluetooth: hci4: command tx timeout
[ 1877.569838][T28833] hsr_slave_0: entered promiscuous mode
[ 1877.583824][T28833] hsr_slave_1: entered promiscuous mode
[ 1877.590080][T28833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1877.612316][T28833] Cannot create hsr debugfs directory
[ 1877.691120][T13771] usb 10-1: new high-speed USB device number 33 using dummy_hcd
[ 1877.897083][T13771] usb 10-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1877.911541][T13771] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1877.942898][T13771] usb 10-1: config 0 descriptor??
[ 1877.972794][ T1009] team0: left allmulticast mode
[ 1877.980919][ T1009] C: left allmulticast mode
[ 1877.986623][ T1009] team_slave_1: left allmulticast mode
[ 1877.993312][ T1009] bridge0: port 3(team0) entered disabled state
[ 1878.004583][ T1009] bridge_slave_1: left allmulticast mode
[ 1878.013137][ T1009] bridge_slave_1: left promiscuous mode
[ 1878.018987][ T1009] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1878.030437][ T1009] bridge_slave_0: left allmulticast mode
[ 1878.036281][ T1009] bridge_slave_0: left promiscuous mode
[ 1878.043435][ T1009] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1878.559155][ T1009] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1878.573513][ T1009] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1878.585720][ T1009] bond0 (unregistering): Released all slaves
[ 1878.734069][T29240] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13386'.
[ 1878.791597][T29240] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13386'.
[ 1878.925729][T29131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1878.971528][T29131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1879.010784][T29131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1879.036162][T29131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1879.060156][T29131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1879.096653][T29131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1879.125423][T29131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1879.146700][T29131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1879.149446][T29265] fuse: Bad value for 'fd'
[ 1879.395804][T29283] FAULT_INJECTION: forcing a failure.
[ 1879.395804][T29283] name failslab, interval 1, probability 0, space 0, times 0
[ 1879.418262][T29283] CPU: 1 UID: 0 PID: 29283 Comm: syz.0.13388 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1879.418302][T29283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1879.418315][T29283] Call Trace:
[ 1879.418324][T29283]  <TASK>
[ 1879.418333][T29283]  dump_stack_lvl+0x189/0x250
[ 1879.418362][T29283]  ? __pfx____ratelimit+0x10/0x10
[ 1879.418397][T29283]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1879.418422][T29283]  ? __pfx__printk+0x10/0x10
[ 1879.418452][T29283]  ? ref_tracker_alloc+0x318/0x460
[ 1879.418483][T29283]  should_fail_ex+0x414/0x560
[ 1879.418513][T29283]  should_failslab+0xa8/0x100
[ 1879.418545][T29283]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1879.418569][T29283]  ? skb_clone+0x212/0x3a0
[ 1879.418602][T29283]  skb_clone+0x212/0x3a0
[ 1879.418635][T29283]  __netlink_deliver_tap+0x404/0x850
[ 1879.418676][T29283]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1879.418705][T29283]  netlink_deliver_tap+0x19c/0x1b0
[ 1879.418732][T29283]  netlink_unicast+0x72f/0x8d0
[ 1879.418767][T29283]  netlink_sendmsg+0x805/0xb30
[ 1879.418802][T29283]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1879.418835][T29283]  ? aa_sock_msg_perm+0x94/0x160
[ 1879.418860][T29283]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1879.418891][T29283]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1879.418919][T29283]  __sock_sendmsg+0x219/0x270
[ 1879.418941][T29283]  ____sys_sendmsg+0x505/0x830
[ 1879.418976][T29283]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1879.419015][T29283]  ? import_iovec+0x74/0xa0
[ 1879.419040][T29283]  ___sys_sendmsg+0x21f/0x2a0
[ 1879.419070][T29283]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1879.419136][T29283]  ? __fget_files+0x2a/0x420
[ 1879.419162][T29283]  ? __fget_files+0x3a0/0x420
[ 1879.419196][T29283]  __x64_sys_sendmsg+0x19b/0x260
[ 1879.419221][T29283]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1879.419254][T29283]  ? __pfx_ksys_write+0x10/0x10
[ 1879.419280][T29283]  ? rcu_is_watching+0x15/0xb0
[ 1879.419407][T29283]  ? do_syscall_64+0xbe/0x3b0
[ 1879.419434][T29283]  do_syscall_64+0xfa/0x3b0
[ 1879.419453][T29283]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1879.419481][T29283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1879.419499][T29283]  ? clear_bhb_loop+0x60/0xb0
[ 1879.419521][T29283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1879.419538][T29283] RIP: 0033:0x7f25e798e929
[ 1879.419555][T29283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1879.419574][T29283] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1879.419595][T29283] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1879.419609][T29283] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[ 1879.419620][T29283] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1879.419631][T29283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1879.419641][T29283] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1879.419667][T29283]  </TASK>
[ 1879.725053][T25693] Bluetooth: hci4: command tx timeout
[ 1879.848682][T29131] usb usb7: usbfs: process 29131 (syz.9.13383) did not claim interface 0 before use
[ 1880.039161][T13771] usb 10-1: Cannot set autoneg
[ 1880.058184][T13771] MOSCHIP usb-ethernet driver 10-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1880.115980][T13771] usb 10-1: USB disconnect, device number 33
[ 1880.158497][ T1009] hsr_slave_0: left promiscuous mode
[ 1880.185077][ T1009] hsr_slave_1: left promiscuous mode
[ 1880.200122][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1880.220785][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1880.229652][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1880.235121][T29324] autofs: Unknown parameter '��՝�h�Ъ���o׋�+'
[ 1880.242464][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1880.274973][ T1009] veth1_macvtap: left promiscuous mode
[ 1880.287979][ T1009] veth0_macvtap: left promiscuous mode
[ 1880.293641][ T1009] veth1_vlan: left promiscuous mode
[ 1880.303925][ T1009] veth0_vlan: left promiscuous mode
[ 1880.824645][T29336] fuse: Bad value for 'fd'
[ 1881.075886][T29343] tmpfs: Unknown parameter 'usrquota�'
[ 1881.119135][ T1009] team_slave_1 (unregistering): left promiscuous mode
[ 1881.150651][ T1009] team0 (unregistering): Port device team_slave_1 removed
[ 1881.258362][T29353] FAULT_INJECTION: forcing a failure.
[ 1881.258362][T29353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1881.278898][ T1009] C (unregistering): left promiscuous mode
[ 1881.285411][T29353] CPU: 1 UID: 0 PID: 29353 Comm: syz.9.13399 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1881.285439][T29353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1881.285450][T29353] Call Trace:
[ 1881.285459][T29353]  <TASK>
[ 1881.285468][T29353]  dump_stack_lvl+0x189/0x250
[ 1881.285497][T29353]  ? __pfx____ratelimit+0x10/0x10
[ 1881.285529][T29353]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1881.285551][T29353]  ? __pfx__printk+0x10/0x10
[ 1881.285574][T29353]  ? __might_fault+0xb0/0x130
[ 1881.285609][T29353]  should_fail_ex+0x414/0x560
[ 1881.285640][T29353]  _copy_from_user+0x2d/0xb0
[ 1881.285662][T29353]  do_sys_poll+0x242/0x1070
[ 1881.285709][T29353]  ? __pfx_do_sys_poll+0x10/0x10
[ 1881.285827][T29353]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1881.285878][T29353]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1881.285907][T29353]  ? vfs_write+0x8d8/0xa90
[ 1881.285962][T29353]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1881.285983][T29353]  ? set_user_sigmask+0xc7/0x1b0
[ 1881.286007][T29353]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1881.286031][T29353]  ? __fget_files+0x3a0/0x420
[ 1881.286070][T29353]  __se_sys_ppoll+0x1ff/0x260
[ 1881.286103][T29353]  ? __pfx___se_sys_ppoll+0x10/0x10
[ 1881.286131][T29353]  ? __pfx_ksys_write+0x10/0x10
[ 1881.286156][T29353]  ? rcu_is_watching+0x15/0xb0
[ 1881.286194][T29353]  ? do_syscall_64+0xbe/0x3b0
[ 1881.286213][T29353]  ? __x64_sys_ppoll+0x20/0xc0
[ 1881.286245][T29353]  do_syscall_64+0xfa/0x3b0
[ 1881.286265][T29353]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1881.286297][T29353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.286317][T29353]  ? clear_bhb_loop+0x60/0xb0
[ 1881.286343][T29353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.286363][T29353] RIP: 0033:0x7feb9ef8e929
[ 1881.286386][T29353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1881.286405][T29353] RSP: 002b:00007feb9fd94038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 1881.286427][T29353] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8e929
[ 1881.286442][T29353] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[ 1881.286456][T29353] RBP: 00007feb9fd94090 R08: 0000000000000000 R09: 0000000000000000
[ 1881.286469][T29353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1881.286481][T29353] R13: 0000000000000000 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1881.286513][T29353]  </TASK>
[ 1881.552630][ T1009] team0 (unregistering): Port device C removed
[ 1881.800402][T29362] FAULT_INJECTION: forcing a failure.
[ 1881.800402][T29362] name failslab, interval 1, probability 0, space 0, times 0
[ 1881.820214][T29362] CPU: 0 UID: 0 PID: 29362 Comm: syz.7.13404 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1881.820245][T29362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1881.820258][T29362] Call Trace:
[ 1881.820266][T29362]  <TASK>
[ 1881.820274][T29362]  dump_stack_lvl+0x189/0x250
[ 1881.820302][T29362]  ? __pfx____ratelimit+0x10/0x10
[ 1881.820333][T29362]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1881.820355][T29362]  ? __pfx__printk+0x10/0x10
[ 1881.820384][T29362]  ? __pfx___might_resched+0x10/0x10
[ 1881.820411][T29362]  should_fail_ex+0x414/0x560
[ 1881.820441][T29362]  should_failslab+0xa8/0x100
[ 1881.820469][T29362]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1881.820494][T29362]  ? sctp_association_new+0x89/0x25f0
[ 1881.820519][T29362]  ? __asan_memcpy+0x40/0x70
[ 1881.820542][T29362]  sctp_association_new+0x89/0x25f0
[ 1881.820569][T29362]  ? sctp_do_bind+0x65a/0x940
[ 1881.820599][T29362]  ? __ipv6_addr_type+0x247/0x2f0
[ 1881.820623][T29362]  sctp_connect_new_asoc+0x2c5/0x690
[ 1881.820652][T29362]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1881.820676][T29362]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1881.820706][T29362]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1881.820725][T29362]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1881.820757][T29362]  sctp_sendmsg+0x155c/0x2810
[ 1881.820805][T29362]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1881.820835][T29362]  ? aa_sk_perm+0x81e/0x950
[ 1881.820860][T29362]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1881.820893][T29362]  ? sock_rps_record_flow+0x19/0x410
[ 1881.820917][T29362]  ? inet_sendmsg+0x2f4/0x370
[ 1881.820941][T29362]  __sock_sendmsg+0x19c/0x270
[ 1881.820965][T29362]  ____sys_sendmsg+0x52d/0x830
[ 1881.820997][T29362]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1881.821032][T29362]  ? import_iovec+0x74/0xa0
[ 1881.821057][T29362]  ___sys_sendmsg+0x21f/0x2a0
[ 1881.821086][T29362]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1881.821150][T29362]  ? __fget_files+0x2a/0x420
[ 1881.821179][T29362]  ? __fget_files+0x3a0/0x420
[ 1881.821219][T29362]  __sys_sendmmsg+0x227/0x430
[ 1881.821251][T29362]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1881.821275][T29362]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1881.821323][T29362]  ? ksys_write+0x22a/0x250
[ 1881.821351][T29362]  ? __pfx_ksys_write+0x10/0x10
[ 1881.821374][T29362]  ? rcu_is_watching+0x15/0xb0
[ 1881.821404][T29362]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1881.821433][T29362]  do_syscall_64+0xfa/0x3b0
[ 1881.821452][T29362]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1881.821482][T29362]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.821501][T29362]  ? clear_bhb_loop+0x60/0xb0
[ 1881.821526][T29362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1881.821545][T29362] RIP: 0033:0x7f8fd778e929
[ 1881.821564][T29362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1881.821581][T29362] RSP: 002b:00007f8fd8534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1881.821603][T29362] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778e929
[ 1881.821617][T29362] RDX: 0000000000000001 RSI: 0000200000002840 RDI: 0000000000000003
[ 1881.821630][T29362] RBP: 00007f8fd8534090 R08: 0000000000000000 R09: 0000000000000000
[ 1881.821643][T29362] R10: 0000000014018891 R11: 0000000000000246 R12: 0000000000000001
[ 1881.821655][T29362] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1881.821686][T29362]  </TASK>
[ 1881.841171][T29364] fuse: Bad value for 'fd'
[ 1881.933485][T25693] Bluetooth: hci4: command tx timeout
[ 1882.057782][T29366] binder: 29365:29366 ioctl 40046205 0 returned -22
[ 1882.387592][T13771] usb 10-1: new high-speed USB device number 34 using dummy_hcd
[ 1882.432049][T29374] input: syz1 as /devices/virtual/input/input155
[ 1882.555984][T13771] usb 10-1: Using ep0 maxpacket: 32
[ 1882.591647][T13771] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1882.610734][T13771] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1882.622350][T13771] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1882.644806][T13771] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1882.658283][T13771] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1882.707032][T13771] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1882.716321][T13771] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1882.725057][T13771] usb 10-1: Product: syz
[ 1882.729401][T13771] usb 10-1: Manufacturer: syz
[ 1882.734119][T13771] usb 10-1: SerialNumber: syz
[ 1882.744346][T13771] usb 10-1: config 0 descriptor??
[ 1882.756473][T13771] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1882.786636][T13771] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1882.984727][T13771] usb 10-1: USB disconnect, device number 34
[ 1882.990926][    C0] ldusb 10-1:0.0: usb_submit_urb failed (-19)
[ 1883.011085][T13771] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1883.306727][T29418] FAULT_INJECTION: forcing a failure.
[ 1883.306727][T29418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1883.338752][T29418] CPU: 1 UID: 0 PID: 29418 Comm: syz.0.13409 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1883.338779][T29418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1883.338790][T29418] Call Trace:
[ 1883.338798][T29418]  <TASK>
[ 1883.338806][T29418]  dump_stack_lvl+0x189/0x250
[ 1883.338831][T29418]  ? __pfx____ratelimit+0x10/0x10
[ 1883.338858][T29418]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1883.338877][T29418]  ? __pfx__printk+0x10/0x10
[ 1883.338896][T29418]  ? __might_fault+0xb0/0x130
[ 1883.338930][T29418]  should_fail_ex+0x414/0x560
[ 1883.338956][T29418]  _copy_from_iter+0x1db/0x16f0
[ 1883.338983][T29418]  ? __alloc_frozen_pages_noprof+0x1d6/0x370
[ 1883.339030][T29418]  ? __pfx__copy_from_iter+0x10/0x10
[ 1883.339062][T29418]  ? policy_nodemask+0x27c/0x720
[ 1883.339095][T29418]  ip_generic_getfrag+0xeb/0x2b0
[ 1883.339127][T29418]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1883.339155][T29418]  ? skb_page_frag_refill+0x199/0x320
[ 1883.339190][T29418]  __ip6_append_data+0x1f35/0x3de0
[ 1883.339234][T29418]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1883.339285][T29418]  ? __pfx___ip6_append_data+0x10/0x10
[ 1883.339311][T29418]  ? ip6_setup_cork+0xa1c/0x10e0
[ 1883.339343][T29418]  ip6_make_skb+0x2ce/0x410
[ 1883.339372][T29418]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1883.339407][T29418]  ? __pfx_ip6_make_skb+0x10/0x10
[ 1883.339446][T29418]  ? udpv6_sendmsg+0x178a/0x2710
[ 1883.339471][T29418]  udpv6_sendmsg+0x1c12/0x2710
[ 1883.339508][T29418]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1883.339540][T29418]  ? __pfx_udpv6_sendmsg+0x10/0x10
[ 1883.339571][T29418]  ? __pfx___might_resched+0x10/0x10
[ 1883.339611][T29418]  ? aa_sk_perm+0x81e/0x950
[ 1883.339633][T29418]  ? __lock_acquire+0xab9/0xd20
[ 1883.339669][T29418]  ? inet_send_prepare+0x5c/0x270
[ 1883.339693][T29418]  ? inet6_sendmsg+0xe4/0x120
[ 1883.339716][T29418]  __sock_sendmsg+0xe5/0x270
[ 1883.339737][T29418]  ____sys_sendmsg+0x52d/0x830
[ 1883.339766][T29418]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1883.339802][T29418]  ? import_iovec+0x74/0xa0
[ 1883.339825][T29418]  ___sys_sendmsg+0x21f/0x2a0
[ 1883.339848][T29418]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1883.339897][T29418]  ? __fget_files+0x2a/0x420
[ 1883.339921][T29418]  ? __fget_files+0x3a0/0x420
[ 1883.339953][T29418]  __sys_sendmmsg+0x227/0x430
[ 1883.339980][T29418]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1883.340001][T29418]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1883.340041][T29418]  ? ksys_write+0x22a/0x250
[ 1883.340064][T29418]  ? __pfx_ksys_write+0x10/0x10
[ 1883.340083][T29418]  ? rcu_is_watching+0x15/0xb0
[ 1883.340108][T29418]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1883.340130][T29418]  do_syscall_64+0xfa/0x3b0
[ 1883.340146][T29418]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1883.340170][T29418]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1883.340186][T29418]  ? clear_bhb_loop+0x60/0xb0
[ 1883.340205][T29418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1883.340220][T29418] RIP: 0033:0x7f25e798e929
[ 1883.340235][T29418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1883.340250][T29418] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1883.340268][T29418] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1883.340280][T29418] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003
[ 1883.340290][T29418] RBP: 00007f25e57f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1883.340300][T29418] R10: 50d41de21d476b07 R11: 0000000000000246 R12: 0000000000000001
[ 1883.340310][T29418] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1883.340334][T29418]  </TASK>
[ 1883.775079][T28833] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1883.813774][T28833] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1883.827001][T28833] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1883.857012][T28833] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1884.141864][T29448] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1884.195741][T28833] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1884.234169][T25693] Bluetooth: hci4: command tx timeout
[ 1884.257433][T28833] 8021q: adding VLAN 0 to HW filter on device team0
[ 1884.280853][ T1009] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1884.288131][ T1009] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1884.332148][T19421] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1884.339390][T19421] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1884.458154][T28833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1884.675124][T29471] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1884.901548][T28833] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1885.005032][T28833] veth0_vlan: entered promiscuous mode
[ 1885.038457][T28833] veth1_vlan: entered promiscuous mode
[ 1885.114067][T28833] veth0_macvtap: entered promiscuous mode
[ 1885.132681][T28833] veth1_macvtap: entered promiscuous mode
[ 1885.171922][T28833] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1885.198623][T28833] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1885.213256][T28833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.224143][T28833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.239735][T28833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.251283][T28833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.426129][ T5559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1885.450410][ T5559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1885.528081][ T5559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1885.540245][ T5559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1885.745124][T29518] FAULT_INJECTION: forcing a failure.
[ 1885.745124][T29518] name failslab, interval 1, probability 0, space 0, times 0
[ 1885.774073][   T55] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 90 seconds
[ 1885.786486][   T55] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 90 seconds
[ 1885.791375][T29518] CPU: 0 UID: 0 PID: 29518 Comm: syz.2.13360 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1885.791411][T29518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1885.791427][T29518] Call Trace:
[ 1885.791447][T29518]  <TASK>
[ 1885.791457][T29518]  dump_stack_lvl+0x189/0x250
[ 1885.791492][T29518]  ? __pfx____ratelimit+0x10/0x10
[ 1885.791530][T29518]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1885.791558][T29518]  ? __pfx__printk+0x10/0x10
[ 1885.791585][T29518]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1885.791627][T29518]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1885.791660][T29518]  ? preempt_schedule+0xae/0xc0
[ 1885.791691][T29518]  ? dev_loopback_xmit+0x2f6/0x490
[ 1885.791733][T29518]  should_fail_ex+0x414/0x560
[ 1885.791770][T29518]  should_failslab+0xa8/0x100
[ 1885.791803][T29518]  __kmalloc_noprof+0xcb/0x4f0
[ 1885.791831][T29518]  ? ___neigh_create+0x6d5/0x2260
[ 1885.791862][T29518]  ___neigh_create+0x6d5/0x2260
[ 1885.791898][T29518]  ? __ipv6_neigh_lookup_noref+0x531/0x710
[ 1885.791935][T29518]  ? dev_loopback_xmit+0x2f6/0x490
[ 1885.791980][T29518]  ip6_finish_output2+0xb4d/0x16a0
[ 1885.792018][T29518]  ? ip6_finish_output2+0x701/0x16a0
[ 1885.792061][T29518]  ? __pfx_ip6_finish_output2+0x10/0x10
[ 1885.792098][T29518]  ? ip6_mtu+0x7d/0x3f0
[ 1885.792130][T29518]  ? ip6_mtu+0x7d/0x3f0
[ 1885.792163][T29518]  ip6_finish_output+0x234/0x7d0
[ 1885.792195][T29518]  ? ip6_send_skb+0x10f/0x390
[ 1885.792230][T29518]  ip6_send_skb+0x1d5/0x390
[ 1885.792269][T29518]  udp_v6_send_skb+0xc17/0x1830
[ 1885.792324][T29518]  udpv6_sendmsg+0x1c4e/0x2710
[ 1885.792372][T29518]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1885.792412][T29518]  ? __pfx_udpv6_sendmsg+0x10/0x10
[ 1885.792459][T29518]  ? __pfx___might_resched+0x10/0x10
[ 1885.792509][T29518]  ? aa_sk_perm+0x81e/0x950
[ 1885.792536][T29518]  ? __lock_acquire+0xab9/0xd20
[ 1885.792570][T29518]  ? inet_send_prepare+0x5c/0x270
[ 1885.792600][T29518]  ? inet6_sendmsg+0xe4/0x120
[ 1885.792639][T29518]  __sock_sendmsg+0xe5/0x270
[ 1885.792667][T29518]  ____sys_sendmsg+0x52d/0x830
[ 1885.792724][T29518]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1885.792768][T29518]  ? import_iovec+0x74/0xa0
[ 1885.792797][T29518]  ___sys_sendmsg+0x21f/0x2a0
[ 1885.792833][T29518]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1885.792909][T29518]  ? __fget_files+0x2a/0x420
[ 1885.792943][T29518]  ? __fget_files+0x3a0/0x420
[ 1885.792991][T29518]  __sys_sendmmsg+0x227/0x430
[ 1885.793032][T29518]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1885.793060][T29518]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1885.793116][T29518]  ? ksys_write+0x22a/0x250
[ 1885.793148][T29518]  ? __pfx_ksys_write+0x10/0x10
[ 1885.793175][T29518]  ? rcu_is_watching+0x15/0xb0
[ 1885.793211][T29518]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1885.793246][T29518]  do_syscall_64+0xfa/0x3b0
[ 1885.793270][T29518]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1885.793305][T29518]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1885.793329][T29518]  ? clear_bhb_loop+0x60/0xb0
[ 1885.793358][T29518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1885.793381][T29518] RIP: 0033:0x7f4586b8e929
[ 1885.793402][T29518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1885.793423][T29518] RSP: 002b:00007f458796f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1885.793455][T29518] RAX: ffffffffffffffda RBX: 00007f4586db5fa0 RCX: 00007f4586b8e929
[ 1885.793473][T29518] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000003
[ 1885.793487][T29518] RBP: 00007f458796f090 R08: 0000000000000000 R09: 0000000000000000
[ 1885.793503][T29518] R10: 50d41de21d476b07 R11: 0000000000000246 R12: 0000000000000001
[ 1885.793519][T29518] R13: 0000000000000000 R14: 00007f4586db5fa0 R15: 00007fff7fa18e28
[ 1885.793556][T29518]  </TASK>
[ 1886.173041][   T55] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 90 seconds
[ 1886.184070][   T55] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 90 seconds
[ 1886.883814][T19310] Bluetooth: hci1: command 0x1003 tx timeout
[ 1886.892117][T25693] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1887.167339][T29564] pim6reg0: tun_chr_ioctl cmd 1074025677
[ 1887.205630][T29564] pim6reg0: linktype set to 769
[ 1887.210010][T29570] random: crng reseeded on system resumption
[ 1887.369844][T29584] binder: 29571:29584 unknown command 576
[ 1887.379454][T29584] binder: 29571:29584 ioctl c0306201 200000000480 returned -22
[ 1887.475116][T29584] netlink: 'syz.2.13427': attribute type 4 has an invalid length.
[ 1887.664221][T29595] FAULT_INJECTION: forcing a failure.
[ 1887.664221][T29595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1887.691314][T29595] CPU: 1 UID: 0 PID: 29595 Comm: syz.7.13432 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1887.691344][T29595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1887.691357][T29595] Call Trace:
[ 1887.691365][T29595]  <TASK>
[ 1887.691374][T29595]  dump_stack_lvl+0x189/0x250
[ 1887.691403][T29595]  ? __pfx____ratelimit+0x10/0x10
[ 1887.691435][T29595]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1887.691458][T29595]  ? __pfx__printk+0x10/0x10
[ 1887.691492][T29595]  should_fail_ex+0x414/0x560
[ 1887.691524][T29595]  _copy_to_user+0x31/0xb0
[ 1887.691547][T29595]  simple_read_from_buffer+0xe1/0x170
[ 1887.691581][T29595]  proc_fail_nth_read+0x1df/0x250
[ 1887.691604][T29595]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1887.691626][T29595]  ? rw_verify_area+0x258/0x650
[ 1887.691652][T29595]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1887.691672][T29595]  vfs_read+0x1fd/0x980
[ 1887.691703][T29595]  ? __pfx___mutex_lock+0x10/0x10
[ 1887.691724][T29595]  ? __pfx_vfs_read+0x10/0x10
[ 1887.691751][T29595]  ? __fget_files+0x2a/0x420
[ 1887.691785][T29595]  ? __fget_files+0x3a0/0x420
[ 1887.691814][T29595]  ? __fget_files+0x2a/0x420
[ 1887.691855][T29595]  ksys_read+0x145/0x250
[ 1887.691884][T29595]  ? __pfx_ksys_read+0x10/0x10
[ 1887.691915][T29595]  ? do_syscall_64+0xbe/0x3b0
[ 1887.691940][T29595]  do_syscall_64+0xfa/0x3b0
[ 1887.691958][T29595]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1887.691989][T29595]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1887.692009][T29595]  ? clear_bhb_loop+0x60/0xb0
[ 1887.692034][T29595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1887.692054][T29595] RIP: 0033:0x7f8fd778d33c
[ 1887.692072][T29595] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1887.692089][T29595] RSP: 002b:00007f8fd8534030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1887.692112][T29595] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778d33c
[ 1887.692127][T29595] RDX: 000000000000000f RSI: 00007f8fd85340a0 RDI: 0000000000000004
[ 1887.692140][T29595] RBP: 00007f8fd8534090 R08: 0000000000000000 R09: 0000000000000000
[ 1887.692153][T29595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1887.692165][T29595] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1887.692198][T29595]  </TASK>
[ 1887.729860][T29599] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1888.000113][ T5559] Bluetooth: Error in BCSP hdr checksum
[ 1888.144437][ T5738] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[ 1888.315402][ T5738] usb 10-1: device descriptor read/64, error -71
[ 1888.604203][ T5738] usb 10-1: new high-speed USB device number 36 using dummy_hcd
[ 1888.775066][ T5738] usb 10-1: device descriptor read/64, error -71
[ 1888.919757][ T5738] usb usb10-port1: attempt power cycle
[ 1889.133635][ T5893] usb 3-1: new full-speed USB device number 48 using dummy_hcd
[ 1889.309813][ T5738] usb 10-1: new high-speed USB device number 37 using dummy_hcd
[ 1889.326633][ T5893] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1889.352519][ T5893] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1889.368112][ T5893] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[ 1889.380294][ T5738] usb 10-1: device descriptor read/8, error -71
[ 1889.389404][ T5893] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.41
[ 1889.398877][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1889.407219][ T5893] usb 3-1: Product: syz
[ 1889.411426][ T5893] usb 3-1: Manufacturer: syz
[ 1889.416080][ T5893] usb 3-1: SerialNumber: syz
[ 1889.651825][ T5738] usb 10-1: new high-speed USB device number 38 using dummy_hcd
[ 1889.668825][ T5893] cdc_ncm 3-1:1.0: bind() failure
[ 1889.699121][ T5893] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 1889.709125][ T5738] usb 10-1: device descriptor read/8, error -71
[ 1889.719276][ T5893] cdc_ncm 3-1:1.1: bind() failure
[ 1889.737769][ T5893] usb 3-1: USB disconnect, device number 48
[ 1889.837814][ T5738] usb usb10-port1: unable to enumerate USB device
[ 1889.876470][T19310] Bluetooth: hci1: command 0x1003 tx timeout
[ 1889.883635][T25693] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1890.032903][T29710] FAULT_INJECTION: forcing a failure.
[ 1890.032903][T29710] name failslab, interval 1, probability 0, space 0, times 0
[ 1890.051180][T29710] CPU: 1 UID: 0 PID: 29710 Comm: syz.0.13444 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1890.051213][T29710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1890.051226][T29710] Call Trace:
[ 1890.051236][T29710]  <TASK>
[ 1890.051245][T29710]  dump_stack_lvl+0x189/0x250
[ 1890.051276][T29710]  ? __pfx____ratelimit+0x10/0x10
[ 1890.051312][T29710]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1890.051336][T29710]  ? __pfx__printk+0x10/0x10
[ 1890.051366][T29710]  ? __pfx___might_resched+0x10/0x10
[ 1890.051389][T29710]  ? fs_reclaim_acquire+0x7d/0x100
[ 1890.051424][T29710]  should_fail_ex+0x414/0x560
[ 1890.051456][T29710]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1890.051475][T29710]  should_failslab+0xa8/0x100
[ 1890.051503][T29710]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1890.051520][T29710]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[ 1890.051544][T29710]  ? sock_alloc_inode+0x28/0xc0
[ 1890.051566][T29710]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1890.051584][T29710]  sock_alloc_inode+0x28/0xc0
[ 1890.051601][T29710]  alloc_inode+0x67/0x1b0
[ 1890.051632][T29710]  __sock_create+0x12d/0x9f0
[ 1890.051656][T29710]  ? look_up_lock_class+0x74/0x170
[ 1890.051681][T29710]  mptcp_subflow_create_socket+0xfd/0xb40
[ 1890.051712][T29710]  ? __lock_acquire+0xab9/0xd20
[ 1890.051736][T29710]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[ 1890.051773][T29710]  __mptcp_nmpc_sk+0x148/0x750
[ 1890.051801][T29710]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1890.051824][T29710]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[ 1890.051861][T29710]  mptcp_getsockopt+0xef4/0x1b90
[ 1890.051893][T29710]  ? __pfx_process_measurement+0x10/0x10
[ 1890.051916][T29710]  ? tomoyo_check_open_permission+0x16a/0x3b0
[ 1890.051951][T29710]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1890.051985][T29710]  ? __pfx_mptcp_getsockopt+0x10/0x10
[ 1890.052022][T29710]  ? __lock_acquire+0xab9/0xd20
[ 1890.052049][T29710]  ? __lock_acquire+0xab9/0xd20
[ 1890.052092][T29710]  ? __lock_acquire+0xab9/0xd20
[ 1890.052136][T29710]  ? is_bpf_text_address+0x26/0x2b0
[ 1890.052172][T29710]  ? __lock_acquire+0xab9/0xd20
[ 1890.052204][T29710]  ? __might_fault+0xb0/0x130
[ 1890.052229][T29710]  ? _parse_integer_limit+0x1ae/0x1f0
[ 1890.052264][T29710]  ? aa_label_sk_perm+0x413/0x560
[ 1890.052291][T29710]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 1890.052342][T29710]  ? __lock_acquire+0xab9/0xd20
[ 1890.052375][T29710]  ? __might_fault+0xb0/0x130
[ 1890.052417][T29710]  ? sock_common_getsockopt+0x2d/0xb0
[ 1890.052443][T29710]  do_sock_getsockopt+0x35d/0x650
[ 1890.052474][T29710]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1890.052501][T29710]  ? do_syscall_64+0x40/0x3b0
[ 1890.052521][T29710]  ? __fget_files+0x3a0/0x420
[ 1890.052551][T29710]  ? __fget_files+0x2a/0x420
[ 1890.052590][T29710]  __x64_sys_getsockopt+0x1a5/0x250
[ 1890.052617][T29710]  ? do_syscall_64+0x40/0x3b0
[ 1890.052639][T29710]  ? do_syscall_64+0x40/0x3b0
[ 1890.052665][T29710]  do_syscall_64+0xfa/0x3b0
[ 1890.052683][T29710]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1890.052716][T29710]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.052737][T29710]  ? clear_bhb_loop+0x60/0xb0
[ 1890.052763][T29710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.052783][T29710] RIP: 0033:0x7f25e798e929
[ 1890.052803][T29710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1890.052821][T29710] RSP: 002b:00007f25e57f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1890.052844][T29710] RAX: ffffffffffffffda RBX: 00007f25e7bb5fa0 RCX: 00007f25e798e929
[ 1890.052859][T29710] RDX: 000000000000001f RSI: 0000000000000006 RDI: 0000000000000003
[ 1890.052871][T29710] RBP: 00007f25e57f6090 R08: 00002000000001c0 R09: 0000000000000000
[ 1890.052883][T29710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1890.052896][T29710] R13: 0000000000000000 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 1890.052928][T29710]  </TASK>
[ 1890.052941][T29710] socket: no more sockets
[ 1891.736129][T29774] FAULT_INJECTION: forcing a failure.
[ 1891.736129][T29774] name failslab, interval 1, probability 0, space 0, times 0
[ 1891.757588][T29774] CPU: 1 UID: 0 PID: 29774 Comm: syz.9.13456 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1891.757620][T29774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1891.757638][T29774] Call Trace:
[ 1891.757646][T29774]  <TASK>
[ 1891.757655][T29774]  dump_stack_lvl+0x189/0x250
[ 1891.757685][T29774]  ? __pfx____ratelimit+0x10/0x10
[ 1891.757719][T29774]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1891.757743][T29774]  ? __pfx__printk+0x10/0x10
[ 1891.757772][T29774]  ? __pfx___might_resched+0x10/0x10
[ 1891.757796][T29774]  ? fs_reclaim_acquire+0x7d/0x100
[ 1891.757838][T29774]  should_fail_ex+0x414/0x560
[ 1891.757871][T29774]  should_failslab+0xa8/0x100
[ 1891.757900][T29774]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1891.757925][T29774]  ? __se_sys_mount+0x165/0x410
[ 1891.757954][T29774]  ? memdup_user+0x99/0xd0
[ 1891.757990][T29774]  __se_sys_mount+0x165/0x410
[ 1891.758028][T29774]  ? __pfx___se_sys_mount+0x10/0x10
[ 1891.758064][T29774]  ? do_syscall_64+0xbe/0x3b0
[ 1891.758084][T29774]  ? __x64_sys_mount+0x20/0xc0
[ 1891.758117][T29774]  do_syscall_64+0xfa/0x3b0
[ 1891.758137][T29774]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1891.758168][T29774]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.758189][T29774]  ? clear_bhb_loop+0x60/0xb0
[ 1891.758215][T29774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.758236][T29774] RIP: 0033:0x7feb9ef8e929
[ 1891.758254][T29774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1891.758273][T29774] RSP: 002b:00007feb9fd94038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1891.758295][T29774] RAX: ffffffffffffffda RBX: 00007feb9f1b5fa0 RCX: 00007feb9ef8e929
[ 1891.758311][T29774] RDX: 0000200000000580 RSI: 0000200000000540 RDI: 0000000000000000
[ 1891.758325][T29774] RBP: 00007feb9fd94090 R08: 0000200000000800 R09: 0000000000000000
[ 1891.758338][T29774] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[ 1891.758350][T29774] R13: 0000000000000001 R14: 00007feb9f1b5fa0 R15: 00007fff0f430498
[ 1891.758379][T29774]  </TASK>
[ 1891.962341][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1892.720394][ T5738] usb 10-1: new high-speed USB device number 39 using dummy_hcd
[ 1892.912337][ T5738] usb 10-1: Using ep0 maxpacket: 8
[ 1892.919736][ T5738] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[ 1892.928755][ T5738] usb 10-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[ 1892.939414][ T5738] usb 10-1: config 179 has no interface number 0
[ 1892.946408][ T5738] usb 10-1: config 179 interface 65 altsetting 12 has 0 endpoint descriptors, different from the interface descriptor's value: 23
[ 1892.961329][ T5738] usb 10-1: config 179 interface 65 has no altsetting 0
[ 1892.969371][ T5738] usb 10-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1892.984033][ T5738] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1893.034312][T29832] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1893.229161][ T5880] usb 10-1: USB disconnect, device number 39
[ 1893.753550][T29883] FAULT_INJECTION: forcing a failure.
[ 1893.753550][T29883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1893.771255][T29883] CPU: 0 UID: 0 PID: 29883 Comm: syz.7.13477 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 1893.771285][T29883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1893.771299][T29883] Call Trace:
[ 1893.771307][T29883]  <TASK>
[ 1893.771316][T29883]  dump_stack_lvl+0x189/0x250
[ 1893.771345][T29883]  ? __pfx____ratelimit+0x10/0x10
[ 1893.771377][T29883]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1893.771402][T29883]  ? __pfx__printk+0x10/0x10
[ 1893.771424][T29883]  ? __might_fault+0xb0/0x130
[ 1893.771477][T29883]  should_fail_ex+0x414/0x560
[ 1893.771509][T29883]  _copy_from_user+0x2d/0xb0
[ 1893.771532][T29883]  dev_ethtool+0xd0/0x1990
[ 1893.771567][T29883]  ? __lock_acquire+0xab9/0xd20
[ 1893.771595][T29883]  ? __pfx_dev_ethtool+0x10/0x10
[ 1893.771657][T29883]  ? dev_load+0x21/0x1f0
[ 1893.771681][T29883]  ? dev_load+0x21/0x1f0
[ 1893.771704][T29883]  dev_ioctl+0x392/0x1150
[ 1893.771730][T29883]  sock_do_ioctl+0x22c/0x300
[ 1893.771752][T29883]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1893.771769][T29883]  ? __lock_acquire+0xab9/0xd20
[ 1893.771805][T29883]  sock_ioctl+0x576/0x790
[ 1893.771838][T29883]  ? __pfx_sock_ioctl+0x10/0x10
[ 1893.771868][T29883]  ? __fget_files+0x2a/0x420
[ 1893.771897][T29883]  ? __fget_files+0x3a0/0x420
[ 1893.771926][T29883]  ? __fget_files+0x2a/0x420
[ 1893.771959][T29883]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1893.771981][T29883]  ? __pfx_sock_ioctl+0x10/0x10
[ 1893.772010][T29883]  __se_sys_ioctl+0xfc/0x170
[ 1893.772039][T29883]  do_syscall_64+0xfa/0x3b0
[ 1893.772058][T29883]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1893.772088][T29883]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1893.772108][T29883]  ? clear_bhb_loop+0x60/0xb0
[ 1893.772133][T29883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1893.772153][T29883] RIP: 0033:0x7f8fd778e929
[ 1893.772171][T29883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1893.772189][T29883] RSP: 002b:00007f8fd8534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1893.772210][T29883] RAX: ffffffffffffffda RBX: 00007f8fd79b5fa0 RCX: 00007f8fd778e929
[ 1893.772224][T29883] RDX: 00002000000000c0 RSI: 0000000000008946 RDI: 0000000000000004
[ 1893.772237][T29883] RBP: 00007f8fd8534090 R08: 0000000000000000 R09: 0000000000000000
[ 1893.772249][T29883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1893.772260][T29883] R13: 0000000000000000 R14: 00007f8fd79b5fa0 R15: 00007ffe48499e98
[ 1893.772288][T29883]  </TASK>
[ 1894.473189][ T5893] usb 10-1: new high-speed USB device number 40 using dummy_hcd
[ 1894.651910][ T5893] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1894.663154][ T5893] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1894.682168][ T5893] usb 10-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[ 1894.719028][ T5893] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1894.744574][ T5893] usb 10-1: config 0 descriptor??
[ 1895.140464][T23408] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1895.222593][ T5893] saitek 0003:06A3:0CCB.002B: hidraw0: USB HID v0.0a Device [HID 06a3:0ccb] on usb-dummy_hcd.9-1/input0
[ 1895.339083][T23408] usb 3-1: Using ep0 maxpacket: 8
[ 1895.346308][T23408] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1895.359880][T23408] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1895.380865][T23408] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1895.399462][T23408] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1895.413602][T29893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1895.422778][T23408] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1895.438541][T29893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1895.448785][T23408] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1895.459863][ T5893] usb 10-1: USB disconnect, device number 40
[ 1895.475725][T23408] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1895.739430][T23408] usb 3-1: GET_CAPABILITIES returned 0
[ 1895.749104][T23408] usbtmc 3-1:16.0: can't read capabilities
[ 1896.030869][T29926] usbtmc 3-1:16.0: usb_control_msg returned -32
[ 1896.070020][T23408] usb 3-1: USB disconnect, device number 49
[ 1896.386900][ T5893] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 1896.582122][ T5893] usb 10-1: Using ep0 maxpacket: 16
[ 1896.590846][ T5893] usb 10-1: config 0 has an invalid interface number: 214 but max is 0
[ 1896.620428][ T5893] usb 10-1: config 0 has no interface number 0
[ 1896.629455][ T5893] usb 10-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[ 1896.698005][ T5893] usb 10-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1896.708316][ T5893] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1896.722690][ T5893] usb 10-1: Product: syz
[ 1896.727043][ T5893] usb 10-1: Manufacturer: syz
[ 1896.733744][ T5893] usb 10-1: SerialNumber: syz
[ 1896.758250][ T5893] usb 10-1: config 0 descriptor??
[ 1897.438662][ T5893] usbtouchscreen 10-1:0.214: probe with driver usbtouchscreen failed with error -71
[ 1897.466377][ T5893] usb 10-1: USB disconnect, device number 41
[ 1901.711170][ T5205] udevd[5205]: worker [25671] /devices/virtual/block/nbd0 is taking a long time
[ 1917.948202][   T55] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 120 seconds
[ 1918.264030][   T55] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 120 seconds
[ 1918.275571][   T55] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 120 seconds
[ 1918.298687][   T55] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 120 seconds
[ 1920.152439][T19310] Bluetooth: hci3: command 0x0406 tx timeout
[ 1950.096559][   T55] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 150 seconds
[ 1950.356415][   T55] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 150 seconds
[ 1950.367576][   T55] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 150 seconds
[ 1950.395978][   T55] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 150 seconds
[ 1982.257994][   T55] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 180 seconds
[ 1982.446584][   T55] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 180 seconds
[ 1982.457901][   T55] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 180 seconds
[ 1982.489257][   T55] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 180 seconds
[ 1984.624244][ T5205] udevd[5205]: worker [25671] /devices/virtual/block/nbd0 timeout; kill it
[ 1984.633715][ T5205] udevd[5205]: seq 44875 '/devices/virtual/block/nbd0' killed
[ 2007.729971][T25693] Bluetooth: hci4: command 0x0406 tx timeout
[ 2014.400823][   T55] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 210 seconds
[ 2014.542070][   T55] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 210 seconds
[ 2014.553229][   T55] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 210 seconds
[ 2014.583693][   T55] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 210 seconds
[ 2046.558875][ T1116] block nbd0: Possible stuck request ffff888025aa5080: control (read@0,1024B). Runtime 240 seconds
[ 2046.632831][ T1116] block nbd0: Possible stuck request ffff888025aa5240: control (read@1024,1024B). Runtime 240 seconds
[ 2046.644308][ T1116] block nbd0: Possible stuck request ffff888025aa5400: control (read@2048,1024B). Runtime 240 seconds
[ 2046.686154][ T1116] block nbd0: Possible stuck request ffff888025aa55c0: control (read@3072,1024B). Runtime 240 seconds
[ 2065.031552][   T31] INFO: task syz.0.13489:30019 blocked for more than 143 seconds.
[ 2065.039521][   T31]       Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0
[ 2065.047233][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2065.056057][   T31] task:syz.0.13489     state:D stack:28328 pid:30019 tgid:30018 ppid:25687  task_flags:0x400040 flags:0x00004004
[ 2065.068976][   T31] Call Trace:
[ 2065.072353][   T31]  <TASK>
[ 2065.075409][   T31]  __schedule+0x16f5/0x4d00
[ 2065.079993][   T31]  ? do_dentry_open+0x35e/0x1970
[ 2065.086741][   T31]  ? do_filp_open+0x1fa/0x410
[ 2065.091477][   T31]  ? do_sys_openat2+0x121/0x1c0
[ 2065.096494][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2065.101383][   T31]  ? schedule+0x165/0x360
[ 2065.105744][   T31]  ? __pfx___schedule+0x10/0x10
[ 2065.110791][   T31]  ? schedule+0x91/0x360
[ 2065.115145][   T31]  schedule+0x165/0x360
[ 2065.119459][   T31]  schedule_preempt_disabled+0x13/0x30
[ 2065.125054][   T31]  __mutex_lock+0x724/0xe80
[ 2065.129680][   T31]  ? __mutex_lock+0x51b/0xe80
[ 2065.134393][   T31]  ? bdev_open+0xe0/0xd30
[ 2065.139091][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 2065.144151][   T31]  ? wait_on_inode+0xc0/0x230
[ 2065.149033][   T31]  ? disk_block_events+0xab/0x120
[ 2065.154105][   T31]  ? bdev_open+0xaf/0xd30
[ 2065.158479][   T31]  bdev_open+0xe0/0xd30
[ 2065.162775][   T31]  blkdev_open+0x3a8/0x510
[ 2065.167248][   T31]  ? __pfx_blkdev_open+0x10/0x10
[ 2065.172310][   T31]  do_dentry_open+0xdf3/0x1970
[ 2065.177698][   T31]  vfs_open+0x3b/0x340
[ 2065.181904][   T31]  ? path_openat+0x2ecd/0x3830
[ 2065.186715][   T31]  path_openat+0x2ee5/0x3830
[ 2065.191336][   T31]  ? arch_stack_walk+0xfc/0x150
[ 2065.196443][   T31]  ? __pfx_path_openat+0x10/0x10
[ 2065.201437][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2065.207814][   T31]  do_filp_open+0x1fa/0x410
[ 2065.212364][   T31]  ? __lock_acquire+0xab9/0xd20
[ 2065.217344][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 2065.222657][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 2065.227815][   T31]  ? alloc_fd+0x64c/0x6c0
[ 2065.232207][   T31]  do_sys_openat2+0x121/0x1c0
[ 2065.236996][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2065.242243][   T31]  ? exc_page_fault+0x76/0xf0
[ 2065.247049][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[ 2065.252392][   T31]  __x64_sys_openat+0x138/0x170
[ 2065.257321][   T31]  do_syscall_64+0xfa/0x3b0
[ 2065.261860][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2065.267528][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2065.273635][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 2065.278436][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2065.284911][   T31] RIP: 0033:0x7f25e798d290
[ 2065.289599][   T31] RSP: 002b:00007f25e57f5b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2065.298074][   T31] RAX: ffffffffffffffda RBX: 0000000000002200 RCX: 00007f25e798d290
[ 2065.306163][   T31] RDX: 0000000000002200 RSI: 00007f25e57f5c10 RDI: 00000000ffffff9c
[ 2065.314231][   T31] RBP: 00007f25e57f5c10 R08: 0000000000000000 R09: 002364626e2f7665
[ 2065.322306][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[ 2065.330583][   T31] R13: 0000000000000001 R14: 00007f25e7bb5fa0 R15: 00007ffd23cede58
[ 2065.338655][   T31]  </TASK>
[ 2065.341782][   T31] 
[ 2065.341782][   T31] Showing all locks held in the system:
[ 2065.349539][   T31] 1 lock held by khungtaskd/31:
[ 2065.354532][   T31]  #0: ffffffff8e33eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2065.364503][   T31] 2 locks held by getty/5598:
[ 2065.369198][   T31]  #0: ffff888034c0a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2065.379195][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 2065.389755][   T31] 3 locks held by napi/wg2-0/21552:
[ 2065.395672][   T31]  #0: ffff8880b8739f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 2065.405815][   T31]  #1: ffff8880b8723f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x314/0x6d0
[ 2065.417357][   T31]  #2: ffffffff99ee4890 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_deactivate+0x9a/0x250
[ 2065.427985][   T31] 1 lock held by udevd/25671:
[ 2065.432688][   T31]  #0: ffff888143764358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[ 2065.442047][   T31] 1 lock held by syz.0.13489/30019:
[ 2065.447279][   T31]  #0: ffff888143764358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[ 2065.456601][   T31] 
[ 2065.459381][   T31] =============================================
[ 2065.459381][   T31] 
[ 2065.467940][   T31] NMI backtrace for cpu 0
[ 2065.467970][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 2065.467994][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2065.468007][   T31] Call Trace:
[ 2065.468016][   T31]  <TASK>
[ 2065.468025][   T31]  dump_stack_lvl+0x189/0x250
[ 2065.468053][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 2065.468094][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2065.468118][   T31]  ? __pfx__printk+0x10/0x10
[ 2065.468155][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 2065.468187][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2065.468212][   T31]  ? _printk+0xcf/0x120
[ 2065.468240][   T31]  ? __pfx__printk+0x10/0x10
[ 2065.468265][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2065.468299][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2065.468330][   T31]  watchdog+0xfee/0x1030
[ 2065.468353][   T31]  ? watchdog+0x1de/0x1030
[ 2065.468377][   T31]  kthread+0x70e/0x8a0
[ 2065.468407][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2065.468425][   T31]  ? __pfx_kthread+0x10/0x10
[ 2065.468454][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2065.468484][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2065.468513][   T31]  ? __pfx_kthread+0x10/0x10
[ 2065.468543][   T31]  ret_from_fork+0x3f9/0x770
[ 2065.468568][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2065.468595][   T31]  ? __switch_to_asm+0x39/0x70
[ 2065.468620][   T31]  ? __switch_to_asm+0x33/0x70
[ 2065.468645][   T31]  ? __pfx_kthread+0x10/0x10
[ 2065.468679][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2065.468723][   T31]  </TASK>
[ 2065.468741][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 2065.628063][    C1] NMI backtrace for cpu 1
[ 2065.628081][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 2065.628102][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2065.628113][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 2065.628146][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 09 1b 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 2065.628162][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[ 2065.628178][    C1] RAX: 2a8fa9f02ae17800 RBX: ffffffff81979d58 RCX: 2a8fa9f02ae17800
[ 2065.628192][    C1] RDX: 0000000000000001 RSI: ffffffff8da4c097 RDI: ffffffff8be41840
[ 2065.628205][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f5b R09: 1ffff110170e65eb
[ 2065.628218][    C1] R10: dffffc0000000000 R11: ffffed10170e65ec R12: ffffffff8fc231f0
[ 2065.628232][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003addb40
[ 2065.628243][    C1] FS:  0000000000000000(0000) GS:ffff888125b1c000(0000) knlGS:0000000000000000
[ 2065.628257][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2065.628270][    C1] CR2: 0000561130eed168 CR3: 000000000e138000 CR4: 00000000003526f0
[ 2065.628285][    C1] Call Trace:
[ 2065.628293][    C1]  <TASK>
[ 2065.628306][    C1]  default_idle+0x13/0x20
[ 2065.628326][    C1]  default_idle_call+0x74/0xb0
[ 2065.628346][    C1]  do_idle+0x1e8/0x510
[ 2065.628370][    C1]  ? __pfx_do_idle+0x10/0x10
[ 2065.628395][    C1]  ? do_idle+0xc/0x510
[ 2065.628416][    C1]  cpu_startup_entry+0x44/0x60
[ 2065.628436][    C1]  start_secondary+0x101/0x110
[ 2065.628463][    C1]  common_startup_64+0x13e/0x147
[ 2065.628495][    C1]  </TASK>
[ 2065.629130][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 2065.802264][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) 
[ 2065.814180][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2065.824249][   T31] Call Trace:
[ 2065.827546][   T31]  <TASK>
[ 2065.830496][   T31]  dump_stack_lvl+0x99/0x250
[ 2065.835125][   T31]  ? __asan_memcpy+0x40/0x70
[ 2065.839746][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2065.844965][   T31]  ? __pfx__printk+0x10/0x10
[ 2065.849582][   T31]  panic+0x2db/0x790
[ 2065.853493][   T31]  ? __pfx_panic+0x10/0x10
[ 2065.857931][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 2065.863759][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 2065.869159][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 2065.875341][   T31]  watchdog+0x102d/0x1030
[ 2065.879688][   T31]  ? watchdog+0x1de/0x1030
[ 2065.884124][   T31]  kthread+0x70e/0x8a0
[ 2065.888220][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2065.892917][   T31]  ? __pfx_kthread+0x10/0x10
[ 2065.897535][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2065.902760][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2065.907980][   T31]  ? __pfx_kthread+0x10/0x10
[ 2065.912599][   T31]  ret_from_fork+0x3f9/0x770
[ 2065.917210][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 2065.922339][   T31]  ? __switch_to_asm+0x39/0x70
[ 2065.927123][   T31]  ? __switch_to_asm+0x33/0x70
[ 2065.931903][   T31]  ? __pfx_kthread+0x10/0x10
[ 2065.936531][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2065.941328][   T31]  </TASK>
[ 2065.944786][   T31] Kernel Offset: disabled
[ 2065.949125][   T31] Rebooting in 86400 seconds..